Lucene search
Veracode Vulnerability DatabaseVERACODE:35395HistoryMay 05, 2022 - 12:44 p.m.
Improper Access Control
2022-05-0512:44:15
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
11
shopxo
vulnerability
add function
database injection
modification
EPSS
0.002
Percentile
64.9%
shopxo/shopxo is vulnerable to improper access control. The vulnerability exists in Add function in Index.php because it doesn’t validate visitors and existing databases which allows an attacker to inject and modify the original data in the database.
Related
cve
cve
CVE-2022-28056
2022-05-02 14:15:08
prion
prion
Design/Logic Flaw
2022-05-02 14:15:00
cvelist
cvelist
CVE-2022-28056
2022-05-02 13:36:20
nvd
nvd
CVE-2022-28056
2022-05-02 14:15:08
osv
osv
CVE-2022-28056
2022-05-02 14:15:08
Incorrect Permission Assignment for Critical Resource in ShopXO
2022-05-03 00:00:42
github
github
Incorrect Permission Assignment for Critical Resource in ShopXO
2022-05-03 00:00:42