2 matches found
Microsoft Commerce Server 2002 authfiles/login.asp Authentication Bypass
The version of Microsoft Commerce Server 2002 installed on the remote host may enable an attacker to bypass authentication if the sample files from the 'AuthFiles' folder are installed under the web server's document root. Note that successful exploitation of this issue requires knowledge of the...
CVE-2006-1257
The sample files in the authfiles directory in Microsoft Commerce Server 2002 before SP2 allow remote attackers to bypass authentication by logging in to authfiles/login.asp with a valid username and any password, then going to the main site twice...