SapporoWorks BlackJumboDog (BJD) before 4.2.3 allows remote attackers to bypass authentication and obtain sensitive information via unspecified vectors.