The Admin Panel of PHP Scripts Mall Advance Peer to Peer MLM Script v1.7.0 allows remote attackers to bypass intended access restrictions by directly navigating to admin/dashboard.php or admin/user.php, as demonstrated by disclosure of information about users and staff.
CVSS 2.0
Severity: MEDIUM
Problem Type: CWE-425,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| advance_peer_to_peer_mlm_script_project | advance_peer_to_peer_mlm_script | 1.7.0 |