Public CVE-2006-7013 disclosure

admin.php in BloggIT 1.01 and earlier does not properly establish a user session, which allows remote attackers to gain privileges via a direct request.