Skalfa Software SkaLinks Exchange Script 1.5 allows remote attackers to add new administrators and gain privileges via a direct request to admin/register.php.