CVE-2019-16403

In Webkul Bagisto before 0.1.5, the functionalities for customers to change their own values (such as address, review, orders, etc.) can also be manipulated by other customers.
References
Link Resource
https://github.com/bagisto/bagisto/issues/749 Exploit Third Party Advisory
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:webkul:bagisto:*:*:*:*:*:*:*:*

Information

Published : 2019-09-18 05:15

Updated : 2020-08-24 10:37


NVD link : CVE-2019-16403

Mitre link : CVE-2019-16403


JSON object : View

CWE
CWE-639

Authorization Bypass Through User-Controlled Key

Advertisement

dedicated server usa

Products Affected

webkul

  • bagisto