A Vertical Privilege Escalation issue in Merchandise Online Store v.1.0 allows an attacker to get access to the admin dashboard.
References
Link | Resource |
---|---|
https://github.com/draco1725/localpriv/blob/main/poc | Exploit Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
08 Aug 2023, 14:21
Type | Values Removed | Values Added |
---|---|---|
CWE | CWE-425 |
11 Oct 2022, 20:30
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-10-11 18:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-42238
Mitre link : CVE-2022-42238
CVE.ORG link : CVE-2022-42238
JSON object : View
Products Affected
merchandise_online_store_project
- merchandise_online_store
CWE
CWE-425
Direct Request ('Forced Browsing')