CVE-2026-2165

Medium CVSS: 6.9

A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Executing a manipulation of the argument email can lead to missing authentication. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Vendor

Detronetdip

Product

E-commerce

CWE

CWE-287

Yayın Tarihi

2026-02-08 17:15:58

Güncelleme

2026-02-19 20:17:35

Source Identifier

cna@vuldb.com

KEV Date Added

Kategoriler

CWE-287 E-commerce MEDIUM Detronetdip 2026

Referanslar

https://github.com/Nixon-H/Unauthenticated-Admin-Account-Creation https://github.com/detronetdip/E-commerce/ https://github.com/detronetdip/E-commerce/issues/23 https://vuldb.com/?ctiid.344867 https://vuldb.com/?id.344867 https://vuldb.com/?submit.751857

Benzer Kayıtlar

Medium

CVE-2025-15582

A security flaw has been discovered in detronetdip E-commerce 1.0.0. The impacted element is the function Delete/Update…

Medium

CVE-2025-15583

A weakness has been identified in detronetdip E-commerce 1.0.0. This affects the function get_safe_value of the file uti…

Medium

CVE-2026-2164

A security flaw has been discovered in detronetdip E-commerce 1.0.0. This issue affects some unknown processing of the f…