5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

Judy Goes ABOVE and BEYOND

From my experience with the worst, I can tell you that Zen Cart Ecommerce Web Design is the best. Judy has established prices but she goes above and...
Read More ->


Judy Gunderson saved my bacon!

Judy Gunderson saved my bacon! Actually, she saved my store database, putting it back together after a series of unfortunate incidents in which...
Read More ->


Such a Help

I bought a business with three websites run by Zen Cart. The Webmaster I inherited was not helpful. I came across Judy with search engines and got...
Read More ->


Awesome Professional Lady

Thank you, Judy! You are awesome. If I listed all that you did for us, it would take all day and sound like you paid me to say it. I am blessed...
Read More ->


Guru Judy

I have indeed found my new guru in Judy!! She literally saved my website and my sanity. For the past year I have been on a roller coaster ride with...
Read More ->


Who's Online

There currently are 16 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart