Unrated severityNVD Advisory· Published May 1, 2022· Updated Sep 17, 2024
Shopizer - IDOR delete superadmin
CVE-2022-23061
Description
In Shopizer versions 2.0 to 2.17.0 a regular admin can permanently delete a superadmin (although this cannot happen according to the documentation) via Insecure Direct Object Reference (IDOR) vulnerability.
Affected products
1- Range: 2.0
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
2- github.com/shopizer-ecommerce/shopizer/commit/6b9f1ecd303b3b724d96bd08095c1a751dcc287emitrex_refsource_MISC
- www.whitesourcesoftware.com/vulnerability-database/CVE-2022-23061mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.