source: https://www.securityfocus.com/bid/8441/info Fusion News is prone to an access validation error allowing a user to add arbitrary user/administrator accounts through manipulating URI parameters. Successful exploitation of this error may allow a user to compromise a vulnerable system by gaining administrative privileges. The problem is reported to be present in Fusion News 3.3, however older versions may be vulnerable as well. http://www.example.com/FusionNews/? id=signup&username=DarkKnight&email=EMAIL@EMAIL.COM+&password=123456&icon= &le=3