5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

FABULOUS!

We had Judy and her son work on our cart over the holidays. All anyone can say is WOW! They did a FABULOUS job with our upgrade! We will be...
Read More ->


Our hero!

Judy is not only a pleasure to work with, she is fast and knowledgeable, and patient beyond belief in answering our questions and helping us find the...
Read More ->


Great Service

Judy is excellent in web design and help with zen cart. I highly recommend her services. Fast, efficient and great quality work. She is very...
Read More ->


Judy works like a good friend will

Judy is a rare one, not only does she do her work well, but she is so honest and professional. I would recommend her to anyone who needs help on...
Read More ->


Lost password

Dear Judy, you are a angel for us, you solved ouwer problem for the login on ouwer admin page, Judy put us back in bussines, many thanks for the...
Read More ->


Who's Online

There currently are 8 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart