5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

Guru Judy

I have indeed found my new guru in Judy!! She literally saved my website and my sanity. For the past year I have been on a roller coaster ride with...
Read More ->


Judy is the BEST!

Where does one begin? I am a VERY picky person especially when it comes to my sites. Judy has performed above and beyond each and every time. One...
Read More ->


Quick, efficient, professional

Judy accepted our assignment of fixing a problem caused by an upgrade which we spent three days troubleshooting. She was able to locate the problems...
Read More ->


Judy is Truly the ZenCart Guru

Judy took on the massive task of moving my web store from a godaddy server to a new server, upgrading ZenCart to the latest version, giving the site...
Read More ->


Thank you, Judy!

With much stress and disarray of trying to install and operate Zen Cart on my own, I called Judy. Instantly we hit it off and she effortlessly got my...
Read More ->


Who's Online

There currently are 9 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart