Critical severity9.8NVD Advisory· Published Apr 14, 2021· Updated Jun 17, 2026
CVE-2020-19778
CVE-2020-19778
Description
Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in "/index.php" by manipulating the parameter "user_id" in the HTML request.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Shopxo/Shopxodescription
Patches
Vulnerability mechanics
References
2- github.com/gongfuxiang/shopxo/issues/23nvdExploitThird Party Advisory
- cwe.mitre.org/data/definitions/472.htmlnvdThird Party Advisory
News mentions
0No linked articles in our index yet.