5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

Above and Beyond!

I have used Judy several times over the years to upgrade my zencart. This last time we did an upgrade to version 1.3.9a. I didn't have to wait long...
Read More ->


hooked it up!

Judy went above and beyond the call of duty. She provided a great service to my website and helped me understand what the heck i just paid for lol...
Read More ->


My Angel

My Angel

I wasted 2 weeks of my precious working time TRYING to figure out what I needed to learn to achieve my goal of moving to a new server, upgrading my...
Read More ->


Zen Cart Guru

After many hours of hard work and frustration with other web developers, we desperately needed to find someone we could rely on. We finally found...
Read More ->


Professional and nice

She did exactly what I needed!
Read More ->


Who's Online

There currently are 6 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart