Scripteen Free Image Hosting Script 1.2 and 1.2.1 allows remote attackers to bypass authentication and gain administrative access by setting the cookid cookie value to 1.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-3211)