5/12/16 Patch for Admin Privilege Escalation issue in v150-v155

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


         

Your header in Here

Customer Reviews


Our hero!

Judy is not only a pleasure to work with, she is fast and knowledgeable, and patient beyond belief in answering our questions and helping us find the...
Read More ->


Quick, efficient, professional

Judy accepted our assignment of fixing a problem caused by an upgrade which we spent three days troubleshooting. She was able to locate the problems...
Read More ->


Outstanding Knowledge of Zen Cart

Over the past several years, Judy and her team have provided an unparalleled level of technical support for my business. In the years prior to...
Read More ->


Zen Goddess

Judy, You are our Zen Goddess!! You have done wonders to our site.. People, do not even have any doubt. She has saved our site a few times from...
Read More ->


The best thing to happen to my website

I was at the point of wanting to completely redo my website. I couldn't take the slow loading pages and constant forum reading looking for solutions...
Read More ->


Who's Online

There currently are 7 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart