Advanced Poll prior to 1.61, when using a flat file database, allows remote malicious users to gain privileges by setting the logged_in parameter.
advanced poll advanced poll