VULHUB ™

Admin Access With Levels Plug-in for osCommerce is reported prone to an access control bypass vulnerability. The issue is reported to present itself when a user invokes a request for a script contained in the "admin" folder, passing a specific URI parameter in the request. An attacker may exploit this condition to ultimately gain administrative access to the affected site.

Admin Access With Levels Plug-in for osCommerce is reported prone to an access control bypass vulnerability. The issue is reported to present itself when a user invokes a request for a script contained in the "admin" folder, passing a specific URI parameter in the request. An attacker may exploit this condition to ultimately gain administrative access to the affected site.