phpBazar 2.1.1fix and previous versions does not require administrative authentication for admin/admin.php, which allows remote malicious users to obtain access to the admin control panel via a direct request.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
smartisoft phpbazar 2.0.2 |
||
smartisoft phpbazar 2.1.0 |
||
smartisoft phpbazar 2.1.1fix |
||
smartisoft phpbazar |