9.6 High
AI Score
Confidence
High
0.007 Low
EPSS
Percentile
80.9%
Incorrect Access Control in Shopxo v1.4.0 and v1.5.0 allows remote attackers to gain privileges in β/index.phpβ by manipulating the parameter βuser_idβ in the HTML request.
cwe.mitre.org/data/definitions/472.html
github.com/gongfuxiang/shopxo/issues/23