Cookie modification allows unauthenticated user login in Geeklog 1.3
A major security vulnerability exists in Geeklog 1.3, released on December 30th, 2001. When permanent cookies are enabled, as they are in a stock install, Geeklog stores a user's UID in a cookie upon successful login. This cookie is subsequently used during future visits to the site to...