5/12/16 Patch for Admin Privilege Escalation issue in v150-v155


    

20.00

Add to Cart:

We received notification from the Zen Cart Development Team that there existed a potential admin privilege escalation issue whereby logged-in admin users of v1.5.0-to-v1.5.5 (before v1.5.5a) could change their own user profile permissions if they engaged in some hackery.

This only poses a risk when multiple admin users exist AND some have been assigned a profile restricting their privileges to disallow access to certain admin sections ... AND they have some malicious desire to gain access to changing settings or viewing data against which they've been restricted.

The fix involves replacing one file.

 


Shopping Cart

Your cart is empty.

Customer Reviews

Everything works now

I was running Zencart on a shared "host for the masses". Needless to say the performance of my site was terrible. And the techical support...
Read More ->


Our hero!

Judy is not only a pleasure to work with, she is fast and knowledgeable, and patient beyond belief in answering our questions and helping us find the...
Read More ->


The best thing that happened to our website, was Judy!!!

Judy.... words can not begin to let you know how blessed we were to find YOU!!! The ease and professionalism in which you handled our needs was just...
Read More ->


I could never thank you enough!

Judy has provided me incredible service to provide my customers an awesome shopping experience! My store has had many changes and additions which...
Read More ->


Such a Help

I bought a business with three websites run by Zen Cart. The Webmaster I inherited was not helpful. I came across Judy with search engines and got...
Read More ->


Who's Online

There currently are 5 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart