CVE-2007-2785
manage-admins.php in eSyndiCat Pro 1.x allows remote attackers to create additional administrative accounts, and have other unspecified impact, via modified username, new_pass, new_pass2, status, super, and certain other parameters in an add action.
Date published : 2007-05-21
http://www.securityfocus.com/archive/1/468966/100/0/threaded