oj
oj.cgi in OpenJournal 2.0 through 2.0.5 allows remote attackers to bypass authentication and access the control panel via a 0 in the uid parameter.
Exploitability
AV:N
AC:L
Au:N
Impact
C:C
I:C
A:C
10/AV:N/AC:L/Au:N/C:C/I:C/A:C