Security Advisory

CVE-2020-19778

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-04-14 13:54:43

Last updated 2024-08-04 14:15:28

Assigner mitre

State PUBLISHED

Description

Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request.

← Browse all CVEs View on cve.org ↗