01186: any username accepted with admin password
Description: i can input any non existing username as long as it have admin's password and pmwiki accepted the login
This is a known and expected behavior, the admin password, as defined by
, should work without any need to fill the username field. The admin password should be really secret. --Petko April 23, 2010, at 02:19 AM
then, it should be noted somewhere (in config.php or installation instruction) to let users aware of this.