3 matches found
CVE-2019-8292
Online Store System v1.0 deleteproduct.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion...
CVE-2019-8292
Online Store System v1.0 deleteproduct.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion...
CVE-2019-8292
The CVE-2019-8292 entry concerns Online Store System v1.0 where delete_product.php fails to verify authentication or administrative privileges, enabling arbitrary product deletion. This is an access control flaw (no authentication checks or admin rights verification) that directly affects the del...