CVE-2019-8292

Summary

Online Store System v1.0 delete_product.php doesn't check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.

Affected Software

VendorProductVersion RangeStatus
abcprintfOnline Storeunspecified <= 1.0affected

Weaknesses

  • unauthenticated arbitrary product deletions.

ADP Enrichment

CVE Program Container

Additional References

References