MailWorks Pro has a rather trivial session check that is easily bypassed within a cookie. The exploit allows an attacker to have full control over the administration section, without the need to authenticate and allowing the attacker to spoof the admin user functions.
64f806d87188174506bf5d339c345a68c771bfbe066bd831ff2d52d093ddbc90