Unspecified vulnerability in cron.php in FreeSeat before 1.1.5d, when format.php has certain modifications, allows remote attackers to bypass authentication and gain privileges via unspecified vectors related to the show_foot function.
https://exchange.xforce.ibmcloud.com/vulnerabilities/39648
http://sourceforge.net/project/shownotes.php?group_id=160239&release_id=568374