Lucene search
K

5 matches found

Github Security Blog
Github Security Blog
added 2025/03/18 3:30 p.m.8 views

TastyIgniter Has an Incorrect Access Control Vulnerability

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

6.5CVSS6.5AI score0.0027EPSS
Exploits0References4Affected Software1
NVD
NVD
added 2025/03/18 3:15 p.m.25 views

CVE-2024-44314

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

6.5CVSS0.0027EPSS
Exploits0References2
CVE
CVE
added 2025/03/18 12:0 a.m.45 views

CVE-2024-44314

TastyIgniter 3.7.6 contains an Incorrect Access Control in the Orders Management System. The vulnerability resides in Orders.php: index_onUpdateStatus(), which fails to verify a user’s permission before updating an order’s status. This allows unauthorized users to remotely modify orders (I:H, P:L...

6.5CVSS6.3AI score0.0027EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2025/03/18 12:0 a.m.5 views

CVE-2024-44314

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

6.6AI score0.0027EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/03/18 12:0 a.m.35 views

CVE-2024-44314

TastyIgniter 3.7.6 contains an Incorrect Access Control vulnerability in the Orders Management System, allowing unauthorized users to update order statuses. The issue occurs in the indexonUpdateStatus function within Orders.php, which fails to verify if the user has permission to modify an order'...

0.0027EPSS
Exploits0References2
Rows per page
Query Builder