Shopversion niedriger als 1. An attacker with a privileged network position which could be obtained via DNS spoofing of www.

An attacker could exploit this vulnerability by persuading a user of the web-based management interface to click a link that submits malicious input to the interface. The error log is exposed at an errors.

An attacker could exploit this vulnerability by extracting the credentials from an image of the affected software and using those credentials to generate a valid administrative session token for the web-based service portal of any other installation of the affected software. Shopsystem kennenlernen. Mehr zum Update erfahren.