First published: Sun Mar 19 2006(Updated: )
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Commerce Server | =2002-sp1 | |
Microsoft Commerce Server | =2002 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.