Prozilla Reviews 1.0 allows remote malicious users to delete arbitrary users via a modified UserID parameter in a direct request to siteadmin/DeleteUser.php.
prozilla reviews 1.0