5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

Saved our company !!

I truly thought that our site was doomed. With the Zen Cart patch vulnerability threat that I was unaware of as well as our Web Mistress. The site...
Read More ->


Judy Rocks!!

Judy is absolutely the BEST! She did in less than three days what another person had been working on for three months and still didn't have it up and...
Read More ->


Incredible!

I found Judy out of sheer desperation. I had been working with another company for approx. 1 1/2 years! and they never finished my site or configured...
Read More ->


Judy the Savior of our business

Judy, Words can not express the gratitude,we at werbeautiful.com feel. Our website was down due to hackers, we were making no money. We called...
Read More ->


Awesome job Judy

Judy, thank you very much for the work you did to my website. it looks great, and it does everything that you said it would. I will be calling on...
Read More ->


Who's Online

There currently are 9 guests online.
Copyright © 2004 - 2021 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart