Comersus ASP Shopping Cart comersus_backoffice_install10.asp Admin Authentication Bypass
Remote / Network Access
Loss of Integrity
ASP Shopping Cart contains a flaw that may allow a malicious user to gain unauthorized administrative rights. The issue is triggered when the comersus_backoffice_install10.asp file is accessed directly, which grants administrative rights without any validation. It is possible that the flaw may allow unauthorized administrative access resulting in a loss of integrity.
Upgrade to version 6.0.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.