Prozilla Topsites 1.0 allows remote attackers to perform administrative actions via a direct request to (1) addu.php, (2) editu.php, and (3) uidx.php in siteadmin/.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-1784)