index.php in BlogPHP 2.0 allows remote malicious users to gain administrator privileges via a crafted email parameter in a register2 action.
blogphp blogphp 2.0