check.php in Hinton Design phphd 1.0 does not check passwords when certain cookies are provided, which allows remote malicious users to bypass authentication.
hinton design phphd 1.0