CVE-2022-23061
Date: May 1, 2022
Overview
In Shopizer versions 2.0 through 2.17.0, a regular admin can permanently delete a superadmin, which the documentation says is not possible, via an Insecure Direct Object Reference (IDOR) vulnerability.
Details
According to its documentation, Shopizer does not allow a regular admin to delete a superadmin. This restriction can be bypassed because the server acts on whatever userId is submitted with the delete request without verifying that the target user is one the caller is permitted to manage, which is the classic IDOR pattern.
PoC Details
1. Log in with regular administrator credentials via the "/admin/login.html" endpoint (a regular admin can only manage users in its own store).
2. Navigate to the "/admin/users/list.html" endpoint.
3. Intercept the delete request in Burp before it is sent.
4. Replace the userId parameter with the id of the superadmin account (one created for the PoC).
The superadmin is permanently deleted and it is no longer possible to log in as that user.
Affected Environments
2.0 through 2.17.0
Prevention
Upgrade to version 3.0.0 or later.
Language: Java
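The following is an added example, not Shopizer's code, that models the authorization check whose absence produces the IDOR described in the Details and PoC sections above. It places a handler that trusts the submitted userId beside a hardened one that checks the target against the caller's store and role before deleting. The User type, the USERS directory, and the two delete functions are hypothetical names chosen for this illustration, and the sample users are constructed data.

```python
from dataclasses import dataclass


@dataclass(frozen=True)
class User:
    """Hypothetical minimal user record: id, the store it belongs to, and role."""
    user_id: int
    store: str
    superadmin: bool = False


class AuthorizationError(Exception):
    """Raised when the caller is not allowed to act on the target user."""


# Constructed sample directory (not Shopizer data): one superadmin and two
# regular admins in different stores.
USERS = {
    1: User(1, "DEFAULT", superadmin=True),
    2: User(2, "DEFAULT"),
    3: User(3, "STORE-B"),
}


def delete_user_vulnerable(users, actor_id, target_id):
    """Pattern the advisory describes: the handler only checks that the caller is
    a logged-in admin, then deletes whatever userId the request carries. Nothing
    ties the target to the caller's store or blocks deleting a superadmin."""
    if actor_id not in users:
        raise AuthorizationError("not logged in")
    users.pop(target_id, None)
    # Returns True when the target is gone, i.e. the delete "succeeded".
    return target_id not in users


def delete_user_hardened(users, actor_id, target_id):
    """Same operation with the object-level authorization check the IDOR is
    missing: resolve both users server-side and decide from their attributes,
    never from the client-supplied id alone."""
    actor = users.get(actor_id)
    if actor is None:
        raise AuthorizationError("not logged in")
    target = users.get(target_id)
    if target is None:
        return False  # nothing to delete; do not treat as an authorization decision

    if actor.superadmin:
        allowed = True
    else:
        # A regular admin may only manage users of its own store and may never
        # remove a superadmin, regardless of store.
        allowed = target.store == actor.store and not target.superadmin

    if not allowed:
        raise AuthorizationError(
            f"user {actor_id} may not delete user {target_id}"
        )
    del users[target_id]
    return True


def reproduce_poc(handler):
    """Replay the advisory's scenario (regular admin 2 targets superadmin 1)
    against a fresh copy of the directory. Returns (deleted, error_raised)."""
    users = dict(USERS)
    try:
        return handler(users, actor_id=2, target_id=1), False
    except AuthorizationError:
        return 1 not in users, True


if __name__ == "__main__":
    print("vulnerable:", reproduce_poc(delete_user_vulnerable))
    print("hardened:  ", reproduce_poc(delete_user_hardened))
```

The check in delete_user_hardened is the part that matters: it derives both the actor's and the target's store and role from server-side state and refuses cross-store or superadmin targets, so tampering with userId in Burp only changes which request gets rejected.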
Good to know:
CVSS v3 metrics:

| Metric | Value |
|---|---|
| Base Score | |
| Attack Vector (AV) | Network |
| Attack Complexity (AC) | Low |
| Privileges Required (PR) | High |
| User Interaction (UI) | None |
| Scope (S) | Unchanged |
| Confidentiality (C) | None |
| Integrity (I) | High |
| Availability (A) | High |

CVSS v2 metrics:

| Metric | Value |
|---|---|
| Base Score | |
| Access Vector (AV) | Network |
| Access Complexity (AC) | Low |
| Authentication (Au) | Single |
| Confidentiality (C) | None |
| Integrity (I) | Partial |
| Availability (A) | Partial |