AGTC MyShop 3.2b allows remote attackers to bypass authentication and obtain administrative access setting the log_accept cookie to "correcto."