Admin.php in Web Slider 0.6 allows remote malicious users to bypass authentication and gain privileges by setting the admin cookie to 1.
sourceforge web slider 0.6