CVE-2007-0874
Allonsvoter 1.0 allows remote attackers to bypass authentication and access certain administrative functionality via a direct request for 1 adminajouter.php or 2 adminsupprimer.php. NOTE: this could be leveraged to conduct cross-site scripting XSS attacks...