admin.php in Internet Photoshow and Internet Photoshow Special Edition (SE) allows remote attackers to bypass authentication by setting the login_admin cookie to true.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2282)