5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.



Your header in Here

Customer Reviews

My Angel

My Angel

I wasted 2 weeks of my precious working time TRYING to figure out what I needed to learn to achieve my goal of moving to a new server, upgrading my...

Thank you, Judy!

With much stress and disarray of trying to install and operate Zen Cart on my own, I called Judy. Instantly we hit it off and she effortlessly got my...

Judy is a pleasure to do business with

I came across Judy by accident, Google actually, after having had trouble with a couple of people who were not interested in helping develop a...


I have gone through hell and back trying to find someone to help me get my website up and running properly. By the grace of god, I found Judy and...

A Knightess in Shining armor

Miss Judy has been a great help setting up and improving our cart. She is an honest person I do not worry about her when she is working on my site....

Who's Online

There currently are 15 guests online.
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart