check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote attackers to bypass authentication.Referenceshttp://secunia.com/advisories/18793http://www.securityfocus.com/bid/16586http://www.osvdb.org/23026https://exchange.xforce.ibmcloud.com/vulnerabilities/24510http://www.securityfocus.com/archive/1/424827/100/0/threadedhttp://www.evuln.com/vulns/60/summary.html
