CVE-2007-1471 Information

Description

admin/default.asp in Orion-Blog 2.0 allows remote attackers to bypass authentication controls and gain privileges via a direct URL request for admin/AdminBlogNewsEdit.asp.

Reference

http://osvdb.org/35039 http://securityreason.com/securityalert/2440 http://www.securityfocus.com/archive/1/462920/100/0/threaded