The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote malicious users to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
microsoft commerce server 2002 |