Tr Forum 2.0 allows remote malicious users to bypass authentication and add an administrative account via the login and password parameters to admin/insert_admin.php.
tr forum tr forum 2.0