If administrator authentication is done by cookies, an attacker can easily gain administrator access by forging a cookie with name "adminmode" and value "1".
Log in to post a comment.