|
|
Family: CGI abuses --> Category: attack
Comersus BackOffice Lite Administrative Bypass Vulnerability Scan
Vulnerability Scan Summary
Searches for the existence of a BackOffice Lite Administrative Bypass
Detailed Explanation for this Vulnerability Test
Comersus ASP shopping cart is a set of ASP scripts creating an online
shoppingcart. It works on a database of your own choosing, default is
msaccess, and includes online administration tools.
By accessing the /comersus_backoffice_install10.asp file it is possible
to bypass the need to authenticate as an administrative user.
Solution: Delete the file '/comersus_backoffice_install10.asp' from the
server as it is not needed after the installation process has been
completed.
Risk factor: High
Click HERE for more information and discussions on this network vulnerability scan.
|
