AlkalinePHP 0.77.35 and earlier allows remote attackers to bypass authentication and gain administrative access by creating an admin account via a direct request to adduser.php.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2346)