Vulnerable product: XEForum
Vendor: http://www.xeforum.com/
Found: Jun 26, 2007
XeForum contains a flaw that may allow a remote attacker to gain administrative privileges.
Modifying contained cookie you can change of session and to even enter like administrator.