<!DOCTYPE html>
<html lang="de" prefix="og: http://ogp.me/ns#">
<head>

<title>Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage</title>
<base href="https://tsecurity.de">

<link rel="canonical" href="https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/" />
<meta charset="utf-8">
<link rel="manifest" href="/manifest.json">

<meta name="subject" content="IT Sicherheit Nachrichtenportal">
<meta name="distribution" content="Global">
<meta name="coverage" content="Worldwide">

<meta name="category" content="Nachrichtenportal">
<meta name="directory" content="submission">
<meta name="owner" content="Bludau Media">
<meta name="rating" content="general">
<meta name="web_author" content="Jan Bludau" />

<meta name="description" content="🚀✅ TOP aktuelle IT Sicherheit Nachrichten aus über 420 RSS IT Security Quellen. Team IT Security alle 15 Minuten aktuallisiert. ✅ IT Security ist abonierbar per RSS-Feed. ✅ Werde auch du Teil von der IT Sicherheit Community TEAM IT SECURITY.">
<meta name="email" content="kontakt@tsecurity.de" />
<meta property="fb:page_id" content="640127549484944" />
 <meta name="format-detection" content="telephone=yes">
<meta name="mobile-web-app-capable" content="yes">
<meta name="apple-mobile-web-app-capable" content="yes">
<meta name="application-name" content="Team Security">
<meta name="apple-mobile-web-app-title" content="tsecurity">
<meta name="theme-color" content="#2196f3">
<meta name="msapplication-navbutton-color" content="#2196f3">
<meta name="apple-mobile-web-app-status-bar-style" content="black-translucent">
<meta name="msapplication-starturl" content="/?pk_campaign=PWA&pk_kwd=startup">
<meta name="viewport" content="width=device-width, initial-scale=1, shrink-to-fit=no">
<link rel="alternate" type="application/rss+xml" title="Team IT Security Nachrichtenportal" href="https://tsecurity.de/it-security-feed/Alle-Kategorien%7C1" />
<link rel="icon" type="image/png" sizes="192x192" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="apple-touch-icon" type="image/png" sizes="192x192" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="icon" type="image/png" sizes="512x512" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="apple-touch-icon" type="image/png" sizes="512x512" href="/templates/tsecurity.de/media/xlogo-social-media.png.pagespeed.ic.O0R81RBjg2.jpg">
<link rel="alternate" id="alternate-androidapp" href="android-app://com.companyname.Xamarin_TSecurity" />
<meta content="INDEX,FOLLOW" name="robots">
<meta name="msvalidate.01" content="AB583A6651F52B82FC00782C07C74C10" />

<meta name="copyright" content="Team Security">
<meta name="page-topic" content="Nachrichtenportal,IT-Sicherheit,IT-Security">
<meta name="revisit-after" content="7 days">
<meta property="og:locale" content="de_DE" />
<meta property="og:type" content="article" />
<meta property="og:site_name" content="Team IT Security" />
<meta property="og:title" content="Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage" />
<meta property="og:description" content="Missing permission checks could lead to unauthorized usage in the admin section through the API.

    This vulnerability affects the following application versions:
    PrestaShop 1.7.0.0
        
            PrestaShop 1.7.0.0 beta1
        
            PrestaShop 1.7.0.0 beta2
        
            PrestaShop 1.7.0.0 beta3
        
            PrestaShop 1.7.0.0 RC0
        
            PrestaShop 1.7.0.0 RC1
        
            PrestaShop 1.7.0.0 RC2
        
            PrestaShop 1.7.0.0 RC3
        
            PrestaShop 1.7.0.1
        
            PrestaShop 1.7.0.2
        
            PrestaShop 1.7.0.3
        
            PrestaShop 1.7.0.4
        
            PrestaShop 1.7.0.5
        
            PrestaShop 1.7.0.6
        
            PrestaShop 1.7.1.0
        
            PrestaShop 1.7.1.0 beta1
        
            PrestaShop 1.7.1.1
        
            PrestaShop 1.7.1.2
        
            PrestaShop 1.7.2.0
        
            PrestaShop 1.7.2.0 RC 1
        
            PrestaShop 1.7.2.1
        
            PrestaShop 1.7.2.2
        
            PrestaShop 1.7.2.3
        
            PrestaShop 1.7.2.4
        
            PrestaShop 1.7.2.5
        
            PrestaShop 1.7.3.0
        
            PrestaShop 1.7.3.0 beta 1
        
            PrestaShop 1.7.3.0 RC 1
        
            PrestaShop 1.7.3.1
        
            PrestaShop 1.7.3.2
        
            PrestaShop 1.7.3.3
        
            PrestaShop 1.7.3.4
        
            PrestaShop 1.7.4.0
        
            PrestaShop 1.7.4.0 beta 1
        
            PrestaShop 1.7.4.1
        
            PrestaShop 1.7.4.2
        
            PrestaShop 1.7.4.3
        
            PrestaShop 1.7.4.4
        
            PrestaShop 1.7.5.0
        
            PrestaShop 1.7.5.0 beta 1
        
            PrestaShop 1.7.5.0 RC 1
        
            PrestaShop 1.7.5.1
        
            PrestaShop 1.7.5.2
        
            PrestaShop 1.7.6.0
        
            PrestaShop 1.7.6.0 beta 1
        
            PrestaShop 1.7.6.0 RC 1
        
            PrestaShop 1.7.6.0 RC 2
        
            PrestaShop 1.7.6.1
        
            PrestaShop 1.7.6.2
        
            PrestaShop 1.7.6.3
        
            PrestaShop 1.7.6.4
        
            PrestaShop 1.7.6.4  1
        
    " />
<meta name="coverage" content="Worldwide">
<meta property="og:url" content="https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/" />
<meta property="og:image" content="https://tsecurity.de/templates/tsecurity.de/media/logo-social-media.png" />
<meta property="og:image:width" content="200" />
<meta property="og:image:height" content="200" />

<meta name="twitter:creator" content="@thE_iNviNciblE0">
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@security_de" />
<meta name="twitter:title" content="Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage" />
<meta name="twitter:description" content="Missing permission checks could lead to unauthorized usage in the admin section through the API.

    This vulnerability affects the following application versions:
    PrestaShop 1.7.0.0
        
            PrestaShop 1.7.0.0 beta1
        
            PrestaShop 1.7.0.0 beta2
        
            PrestaShop 1.7.0.0 beta3
        
            PrestaShop 1.7.0.0 RC0
        
            PrestaShop 1.7.0.0 RC1
        
            PrestaShop 1.7.0.0 RC2
        
            PrestaShop 1.7.0.0 RC3
        
            PrestaShop 1.7.0.1
        
            PrestaShop 1.7.0.2
        
            PrestaShop 1.7.0.3
        
            PrestaShop 1.7.0.4
        
            PrestaShop 1.7.0.5
        
            PrestaShop 1.7.0.6
        
            PrestaShop 1.7.1.0
        
            PrestaShop 1.7.1.0 beta1
        
            PrestaShop 1.7.1.1
        
            PrestaShop 1.7.1.2
        
            PrestaShop 1.7.2.0
        
            PrestaShop 1.7.2.0 RC 1
        
            PrestaShop 1.7.2.1
        
            PrestaShop 1.7.2.2
        
            PrestaShop 1.7.2.3
        
            PrestaShop 1.7.2.4
        
            PrestaShop 1.7.2.5
        
            PrestaShop 1.7.3.0
        
            PrestaShop 1.7.3.0 beta 1
        
            PrestaShop 1.7.3.0 RC 1
        
            PrestaShop 1.7.3.1
        
            PrestaShop 1.7.3.2
        
            PrestaShop 1.7.3.3
        
            PrestaShop 1.7.3.4
        
            PrestaShop 1.7.4.0
        
            PrestaShop 1.7.4.0 beta 1
        
            PrestaShop 1.7.4.1
        
            PrestaShop 1.7.4.2
        
            PrestaShop 1.7.4.3
        
            PrestaShop 1.7.4.4
        
            PrestaShop 1.7.5.0
        
            PrestaShop 1.7.5.0 beta 1
        
            PrestaShop 1.7.5.0 RC 1
        
            PrestaShop 1.7.5.1
        
            PrestaShop 1.7.5.2
        
            PrestaShop 1.7.6.0
        
            PrestaShop 1.7.6.0 beta 1
        
            PrestaShop 1.7.6.0 RC 1
        
            PrestaShop 1.7.6.0 RC 2
        
            PrestaShop 1.7.6.1
        
            PrestaShop 1.7.6.2
        
            PrestaShop 1.7.6.3
        
            PrestaShop 1.7.6.4
        
            PrestaShop 1.7.6.4  1
        
    " />
<meta name="twitter:image" content="https://tsecurity.de/templates/tsecurity.de/media/logo-social-media.png" />
<meta name="twitter:image:alt" content="Team IT Security Logo" />
<meta name="audience" content="alle">
<link rel="alternate" hreflang="de" href="https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/" />
<link rel="alternate" type="application/rss+xml" title="ALLE INHALTE News Feed" href="https://tsecurity.de/it-security-feed/Alle-Kategorien|1" />
<link rel="alternate" type="application/rss+xml" title="IT-SECURITY News Feed" href="https://tsecurity.de/it-security-feed/IT-Security%7C3" />
<link rel="alternate" type="application/rss+xml" title="Sicherheitslücken News Feed" href="https://tsecurity.de/it-security-feed/Sicherheitsl%C3%BCcken-%2F-Exploits|10" />
<link rel="alternate" type="application/rss+xml" title="IT Security Video Feed" href="https://tsecurity.de/it-security-feed/IT-Security-Video|6" />
<link rel="alternate" type="application/rss+xml" title="REVERSE Engineering News Feed" href="https://tsecurity.de/it-security-feed/Reverse-Engineering|9" />
<link rel="alternate" type="application/rss+xml" title="ALLE BETRIEBSTEM News Feed" href="https://tsecurity.de/it-security-feed/Betriebssysteme|14" />
<link rel="alternate" type="application/rss+xml" title="ALLE BETRIEBSTEM News Feed" href="https://tsecurity.de/it-security-feed/Exploit-Source-Codes|11 />	
	 
	    <link rel=" icon" type="image/png" sizes="32x32" href="/templates/tsecurity.de/media/tsecurity.ico">
<meta name="google-site-verification" content="vmdp2sS6_oJvt7FFOVJUcWIDaW1e3pwD1WZFm_jgPfg" />

<link rel="dns-prefetch" href="https://fonts.googleapis.com">
<link rel="dns-prefetch" href="https://cdnjs.cloudflare.com">
<link rel="dns-prefetch" src="http://www.youtube.com/">
<link rel="preconnect" src="http://www.youtube.com/">
<link rel="preconnect" href="https://cdnjs.cloudflare.com">
<link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://translate.googleapis.com">
<link rel="preconnect" href="https://adservice.google.com">

<script src="https://www.youtube.com/player_api"></script>
<script>function detectmob(){if(navigator.userAgent.match(/Android/i)||navigator.userAgent.match(/webOS/i)||navigator.userAgent.match(/iPhone/i)||navigator.userAgent.match(/iPad/i)||navigator.userAgent.match(/iPod/i)||navigator.userAgent.match(/BlackBerry/i)||navigator.userAgent.match(/Windows Phone/i)){return true;}else{return false;}}</script>

<script>(function(w,d,s,l,i){w[l]=w[l]||[];w[l].push({'gtm.start':new Date().getTime(),event:'gtm.js'});var f=d.getElementsByTagName(s)[0],j=d.createElement(s),dl=l!='dataLayer'?'&l='+l:'';j.async=true;j.src='https://www.googletagmanager.com/gtm.js?id='+i+dl;f.parentNode.insertBefore(j,f);})(window,document,'script','dataLayer','GTM-TPNQ476');</script>

<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.0-beta2/dist/css/bootstrap.min.css" rel="stylesheet" integrity="sha384-BmbxuPwQa2lc/FVzBcNJ7UAyJxM6wuqIj61tLrc4wSX0szH/Ev+nYRRuWlolflfl" crossorigin="anonymous">
<link rel="stylesheet" href="/templates/tsecurity.de/css/A.template_master.css.pagespeed.cf.qCWxlHun2V.css">


<script defer src="/templates/tsecurity.de/install.js.pagespeed.ce.loZAQ4IK_7.js"></script>
<script src="/framework/jquery/jquery-3.6.0.min.js.pagespeed.jm.vSq_cOaZon.js"></script>

<script>if('serviceWorker'in navigator){navigator.serviceWorker.register('/templates/tsecurity.de/install.js');}var player;window.onYouTubePlayerAPIReadyByID=function(id){player=new YT.Player('ytplayer_'+id,{height:'315',width:'560',videoId:id});}</script>
<script async src='/cdn-cgi/bm/cv/669835187/api.js'></script></head>
<body>

<noscript><iframe src="https://www.googletagmanager.com/ns.html?id=GTM-TPNQ476" height="0" width="0" style="display:none;visibility:hidden"></iframe></noscript>

<div class="wrapper">
<div class="page">
<header class="header-container">
<div class="header">
<a title="Nachrichtenportal Team Security (tsecurity.de)" href="/?pk_campaign=logo-nav&pk_kwd=logo-nav&pk_source=klick-logo">
<img alt="logo" src="https://tsecurity.de//templates/tsecurity.de/media/xtsecurity-logo8.webp.pagespeed.ic.BsSQzHB5D7.webp" />
</a>
</div>
<div class="header">
<a style="color:yellow" class="button" title="FREIE-WELT.EU Nachrichtenportal" href="https://freie-welt.eu/?pk_campaign=franchise&pk_kwd=franchise-link&pk_source=franchise-link">
ZU FREIE-WELT.EU wechseln - POLITIK NACHRICHTENPORTAL alle 15 Minuten neuste Nachrichten aus über 460 Quellen
</a>
</div>
</header>
<section>
<nav role="navigation" style="background-color: #1E1E23;height: 65px;">
<div id="menuToggle">
<input name="MenuToggle" id="togglemenu" type="checkbox" />
<span></span>
<span></span>
<span></span>
</div>
</nav>
<nav role="navigation" style="background-color: #1E1E23;">
<i class="fas fa-angle-right" style="font-size: 100px;position: fixed;top: 37.5%;left: 0%;z-index: 1000;"></i>
<ul id="menu" style="display:none;">
<li><a class="flex-nav-item" href="/de/2/Startseite/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Startseite</a>
<ul>
<li><a class="flex-nav-item" href="/de/431830/Startseite/Android-Security/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="TOP Beitäge Android Security - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Android Security</a></li>
<li><a class="flex-nav-item" href="/de/432639/Startseite/Pentesting/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Pentesting - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Pentesting</a></li>
<li><a class="flex-nav-item" href="/de/427974/Startseite/Malware/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Malware - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Malware</a></li>
<li><a class="flex-nav-item" href="/de/434563/Startseite/Programmieren/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Programmieren - Team IT Security - Cybersecurity Nachrichten / Nachrichtenportal">Programmieren</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/3/Allgemeines/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle IT-Nachrichten / IT-News">Allgemeines</a>
<ul>
<li><a class="flex-nav-item" href="/de/201468/Allgemeines/Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Videos - Aktuelle IT-Nachrichten / IT-News">Videos</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/4/Cybersecurity/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity</a>
<ul>
<li><a class="flex-nav-item" href="/de/5/Cybersecurity/Cybersecurity-Nachrichten/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Nachrichten</a></li>
<li><a class="flex-nav-item" href="/de/6/Cybersecurity/Cybersecurity-Tools/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Tools Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Tools</a></li>
<li><a class="flex-nav-item" href="/de/7/Cybersecurity/Cybersecurity-Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Cybersecurity Video Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Cybersecurity Videos</a>
<ul>
<li><a class="flex-nav-item" href="/de/155807/Cybersecurity/Cybersecurity-Videos/AI-Videos/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="AI Videos - Aktuelle Cybersecurity Video Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">AI Videos</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/8/Cybersecurity/Hacker/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Hacker Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Hacker</a></li>
<li><a class="flex-nav-item" href="/de/9/Cybersecurity/Malware-Trojaner-Viren/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Malware Nachrichten / Trojaner Nachrichten / Viren Nachrichten - Aktuelle Cybersecurity News / IT-Sicherheit ">Malware / Trojaner / Viren</a></li>
<li><a class="flex-nav-item" href="/de/245520/Cybersecurity/Programmierung/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Programmierung - Aktuelle Cybersecurity News / IT-Sicherheit ">Programmierung</a>
<ul>
<li><a class="flex-nav-item" href="/de/424370/Cybersecurity/Programmierung/Video-Youtube/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Video | Youtube - Programmierung - Aktuelle Cybersecurity News / IT-Sicherheit ">Video | Youtube</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/424521/Cybersecurity/Podcasts/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Podcasts - Aktuelle Cybersecurity News / IT-Sicherheit ">Podcasts</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/10/Reverse-Engineering/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Reverse Engineering Informatik Nachrichten">Reverse Engineering</a>
<ul>
<li><a class="flex-nav-item" href="/de/11/Reverse-Engineering/Sicherheitsl%C3%BCcken/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Sicherheitslücken Nachrichten / Aktuelle Exploits  - Aktuelle Reverse Engineering Informatik Nachrichten">Sicherheitslücken</a>
<ul>
<li><a class="flex-nav-item" href="/de/12/Reverse-Engineering/Sicherheitsl%C3%BCcken/Proof-of-Concept/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Proof of Concept Exploits Informatik (PoC) Nachrichten - Aktuelle Sicherheitslücken Nachrichten / Aktuelle Exploits  - Aktuelle Reverse Engineering Informatik Nachrichten">Proof of Concept</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/13/Reverse-Engineering/Video/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Video Nachrichten - Aktuelle Reverse Engineering Informatik Nachrichten">Video</a></li>
<li><a class="flex-nav-item" href="/de/14/Reverse-Engineering/Tools/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Tools Nachrichten - Aktuelle Reverse Engineering Informatik Nachrichten">Tools</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/15/Betriebssysteme/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Betriebssysteme</a>
<ul>
<li><a class="flex-nav-item" href="/de/155879/Betriebssysteme/Mac-OS-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Mac OS Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Mac OS Tipps</a></li>
<li><a class="flex-nav-item" href="/de/16/Betriebssysteme/Windows-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Windows Tipps Nachrichten | Windows 10 uvm. - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Windows Tipps</a></li>
<li><a class="flex-nav-item" href="/de/17/Betriebssysteme/Android-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Android Tipps Nachrichten - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Android Tipps</a></li>
<li><a class="flex-nav-item" href="/de/155880/Betriebssysteme/Web-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Web Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Web Tipps</a></li>
<li><a class="flex-nav-item" href="/de/155878/Betriebssysteme/Linux-Tipps/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Linux Tipps - Aktuelle Betriebssysteme Windows | Unix | Mac Nachrichten">Linux Tipps</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/18/Downloads/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Downloads">Downloads</a></li>
<li><a class="flex-nav-item" href="/de/19/Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Server</a>
<ul>
<li><a class="flex-nav-item" href="/de/20/Server/Windows-Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Windows Server Nachrichten - Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Windows Server</a></li>
<li><a class="flex-nav-item" href="/de/21/Server/Unix-Server/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Aktuelle Unix Server Nachrichten - Aktuelle Server Nachrichten | Windows Server Nachrichten | Unix Server Nachrichten">Unix Server</a></li>
</ul>
</li>
<li><a class="flex-nav-item" href="/de/111965/RSS-Feed-hinzuf%C3%BCgen/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="RSS Feed hinzufügen | IT Security">RSS Feed hinzufügen</a>
<ul>
<li><a class="flex-nav-item" href="/de/446968/RSS-Feed-hinzuf%C3%BCgen/Widerruf/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Widerruf von Blogs - RSS Feed hinzufügen | IT Security">Widerruf</a></li>
<li><a class="flex-nav-item" href="/de/852168/RSS-Feed-hinzuf%C3%BCgen/Datenschutz/?pk_campaign=nav-mainmenu&pk_kwd=nav-mainmenu&pk_source=nav-mainmenu" target="_self" title="Datenschutz - RSS Feed hinzufügen | IT Security">Datenschutz</a></li>
</ul>
</li>
</ul>
</nav>
</div>
</section>
<div class="main col2-right-layout">
<div id="main_page_container" class="main-border">
<a href="https://t.me/tsecurity21">"Team Security" Telegram-Gruppe </a>.
<br />
<div class="container-fluid">
<div class="row"><main class="col-sm-8"><article class="block rss_content_view" id="box_rss_content_view_1126472"><div class="block-title"> <h1>&#10056; Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage</h1></div><article class="content rss_content_view" id="modul_rss_content_view_1126472"><header> <h3><time datetime="2020-05-26 12:58:49">26.05.2020 um 12:58 Uhr</time></h3><p><a title="Sicherheitslücken / Exploits" href="de/11/Reverse-Engineering/Sicherheitsl%C3%BCcken/"><strong><i class="fas fa-circle"></i> Sicherheitslücken / Exploits</strong></a> <a title="Nachrichtenwebseite direkt öffnen" href="/weiterleitung.php?rss_id=1105517&page_id=1128699"><strong><i class="fas fa-external-link-alt"></i> portal.patchman.co</strong></a>
<strong> <a title="Startseite der RSS-Quelle öffnen" href="https://portal.patchman.co" target="_blank"><i class="fas fa-link"></i></a></strong></p></header><p><p>Missing permission checks could lead to unauthorized usage in the admin section through the API.</p>
<p>This vulnerability affects the following application versions:</p>
<ul><li>PrestaShop 1.7.0.0</li>
<li>PrestaShop 1.7.0.0 beta1</li>
<li>PrestaShop 1.7.0.0 beta2</li>
<li>PrestaShop 1.7.0.0 beta3</li>
<li>PrestaShop 1.7.0.0 RC0</li>
<li>PrestaShop 1.7.0.0 RC1</li>
<li>PrestaShop 1.7.0.0 RC2</li>
<li>PrestaShop 1.7.0.0 RC3</li>
<li>PrestaShop 1.7.0.1</li>
<li>PrestaShop 1.7.0.2</li>
<li>PrestaShop 1.7.0.3</li>
<li>PrestaShop 1.7.0.4</li>
<li>PrestaShop 1.7.0.5</li>
<li>PrestaShop 1.7.0.6</li>
<li>PrestaShop 1.7.1.0</li>
<li>PrestaShop 1.7.1.0 beta1</li>
<li>PrestaShop 1.7.1.1</li>
<li>PrestaShop 1.7.1.2</li>
<li>PrestaShop 1.7.2.0</li>
<li>PrestaShop 1.7.2.0 RC 1</li>
<li>PrestaShop 1.7.2.1</li>
<li>PrestaShop 1.7.2.2</li>
<li>PrestaShop 1.7.2.3</li>
<li>PrestaShop 1.7.2.4</li>
<li>PrestaShop 1.7.2.5</li>
<li>PrestaShop 1.7.3.0</li>
<li>PrestaShop 1.7.3.0 beta 1</li>
<li>PrestaShop 1.7.3.0 RC 1</li>
<li>PrestaShop 1.7.3.1</li>
<li>PrestaShop 1.7.3.2</li>
<li>PrestaShop 1.7.3.3</li>
<li>PrestaShop 1.7.3.4</li>
<li>PrestaShop 1.7.4.0</li>
<li>PrestaShop 1.7.4.0 beta 1</li>
<li>PrestaShop 1.7.4.1</li>
<li>PrestaShop 1.7.4.2</li>
<li>PrestaShop 1.7.4.3</li>
<li>PrestaShop 1.7.4.4</li>
<li>PrestaShop 1.7.5.0</li>
<li>PrestaShop 1.7.5.0 beta 1</li>
<li>PrestaShop 1.7.5.0 RC 1</li>
<li>PrestaShop 1.7.5.1</li>
<li>PrestaShop 1.7.5.2</li>
<li>PrestaShop 1.7.6.0</li>
<li>PrestaShop 1.7.6.0 beta 1</li>
<li>PrestaShop 1.7.6.0 RC 1</li>
<li>PrestaShop 1.7.6.0 RC 2</li>
<li>PrestaShop 1.7.6.1</li>
<li>PrestaShop 1.7.6.2</li>
<li>PrestaShop 1.7.6.3</li>
<li>PrestaShop 1.7.6.4</li>
<li>PrestaShop 1.7.6.4 1</li>
</ul>...</p> <div class="social-media">
<h3>Sharing is caring</h3>
<div class="row">
<div class="col-sm-4">
<a href="https://www.reddit.com/submit?url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=reddit_21%26mtm_source=reddi%26mtm_medium=social&title=Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage" class="btn-social btn-reddit" title="reddit share" target="_blank" rel="noopener"><i class="fab fa-reddit-square"></i> Auf Reddit teilen</a>
</div>
<div class="col-sm-4">
<a href="https://telegram.me/share/url?url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=telegram_21%26mtm_source=telegram%26mtm_medium=social&bodytext=&text=Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage" class="btn-social btn-whatsapp" title="Telegram share" target="_blank" rel="noopener"><i class="fab fa-telegram-square"></i> Auf Telegram teilen</a>
</div>
<div class="col-sm-4">
<a href="https://share.flipboard.com/bookmarklet/popout?v=2&url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="Flupboard" target="_blank" rel="noopener"><i class="fab  fa-flipboard-square"></i> Auf Flipboard teilen</a>
</div>
<div class="col-sm-4">
<a href="https://www.linkedin.com/sharing/share-offsite/?url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="LinkedIn" target="_blank" rel="noopener"><i class="fab  fa-linkedin-square"></i> Auf LinkedIn teilen</a>
</div>
<div class="col-sm-4">
<a href="https://www.xing.com/social/share/spi?url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=flipboard_21%26mtm_source=flipboard%26mtm_medium=social" class="btn-social btn-facebook" title="Xing" target="_blank" rel="noopener"><i class="fab  fa-xing-square"></i> Auf Xing teilen</a>
</div>
<div class="col-sm-4">
<a href="https://twitter.com/intent/tweet?text=Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage&url=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=twitter_21%26mtm_source=twitter%26mtm_medium=social" class="btn-social btn-twitter" title="Twitter share" target="_blank" rel="noopener"><i class="fab fa-twitter-square"></i> Auf Twitter teilen</a>
</div>
<div class="col-sm-4">
<a href="https://api.whatsapp.com/send?text=Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=whatsapp_21%26mtm_source=whatsapp%26mtm_medium=social" class="btn-social btn-whatsapp" title="Whatsapp share" target="_blank" rel="noopener"><i class="fab fa-whatsapp-square"></i> Auf Whatsapp teilen</a>
</div>
<div class="col-sm-4">
<a href="https://facebook.com/sharer.php?u=https://tsecurity.de/de/1128699/Reverse-Engineering/Sicherheitsl%C3%BCcken/Adding-permission-check-for-admin-order-edits-and-legacy-controller-to-prevent-unauthenticated-usage/?mtm_campaign=facebook_21%26mtm_source=facebook%26mtm_medium=social" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i> Auf Facebook teilen</a>
</div>
</div>
<h3>Join the Community (beta)</h3>
<div class="row">

<div class="col-sm-4">
<a href="https://www.reddit.com/r/Computersicherheit/" class="btn-social btn-reddit" title="Reddit Kanal" target="_blank" rel="noopener"><i class="fab  fa-reddit-square"></i>"Team Security" Reddit-Gruppe</a>
</div>
<div class="col-sm-4">
<a href="https://t.me/tsecurity21" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i> "Team Security" Telegram-Gruppe .</a>
</div>
<div class="col-sm-4">
<a href="https://www.facebook.com/tsec0/" class="btn-social btn-facebook" title="Facebook" target="_blank" rel="noopener"><i class="fab  fa-facebook-square"></i>"Team Security" Facebookseite</a>
</div>
</div>
</div>
 <br />
<a class="button_ext" title="Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage" href="/weiterleitung.php?rss_id=1105517&page_id=1128699&mtm_campaign=tsec_21&mtm_source=tsec&mtm_medium=social"><i class="fas fa-external-link-alt"></i> Kompletten Artikel lesen</a> <font size="0.8em">(externe Quelle: https://portal.patchman.co/detections/rss/vulnerabilities/4024)</font>
<br /><br />
<a class="button" title="Team IT Security IT Sicherheit Nachrichtenportal Startseite" href="https://tsecurity.de/?pk_campaign=pull_startseite&pk_kwd=startseite&pk_source=link"><i class="fa fa-home" aria-hidden="true"></i> Zur Team IT Security IT Sicherheit Nachrichtenportal Startseite</a><br /><br /></article>
<script async src="https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js"></script>

<ins class="adsbygoogle" style="display:block;" data-ad-client="ca-pub-9851833893867858" data-ad-slot="7755158364" data-ad-format="link" data-full-width-responsive="true"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script>
<ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-9851833893867858" data-ad-slot="9736316268"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script>
<ins class="adsbygoogle" style="display:block" data-ad-format="autorelaxed" data-ad-client="ca-pub-9851833893867858" data-ad-slot="2779371119"></ins>
<script>(adsbygoogle=window.adsbygoogle||[]).push({});</script></article></article><article class="block similar" id="box_similar_1126193"><div class="block-title"> <h1>➤ Weitere Beiträge von Team Security | IT Sicherheit (tsecurity.de)</h1></div><div class="content similar" id="modul_similar_1126193"><div class="row"><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="SQL Injection Payload List" href="https://tsecurity.de/de/921964/Cybersecurity/Cybersecurity-Nachrichten/SQL-Injection-Payload-List/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>SQL Injection Payload List</h4></a> <i>vom <time datetime="2019-11-19 13:30:10">19.11.2019 um 13:30 Uhr</time> 1033.66 Punkte</i>
<br />SQL InjectionIn this section, we'll explain what SQL injection is, describe some common examples, explain how to find and exploit various kinds of SQL injection vulnerabilities, and summarize how to prevent SQL injection.What is SQL injection (SQLi)?SQL</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails &amp; Urls" href="https://tsecurity.de/de/403188/Cybersecurity/Cybersecurity-Nachrichten/Docker-Inurlbr-Advanced-Search-In-Search-Engines-Enables-Analysis-Provided-To-Exploit-GET-POST-Capturing-Emails-amp-Urls/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Docker-Inurlbr - Advanced Search In Search Engines, Enables Analysis Provided To Exploit GET / POST Capturing Emails &amp; Urls</h4></a> <i>vom <time datetime="2018-11-08 22:21:01">08.11.2018 um 22:21 Uhr</time> 441.81 Punkte</i>
<br />
Advanced search in search engines, enables analysis provided to exploit GET / POST capturing emails &amp; urls, with an internal custom validation junction for each target / url found.How to buildgit clone https://github.com/gmdutra/docker-inurlbr.gitc</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Creative X-Fi Elite Pro Drivers" href="https://tsecurity.de/de/377341/Betriebssysteme/Linux-Tipps/Creative-X-Fi-Elite-Pro-Drivers/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Creative X-Fi Elite Pro Drivers</h4></a> <i>vom <time datetime="2018-09-22 14:39:47">22.09.2018 um 14:39 Uhr</time> 240.76 Punkte</i>
<br />
help i'm almost finished with my transition to Linux from Windows except that my Sound Card is not working. Can someone help me find a driver for my Creative Labs X-Fi Elite Pro and that it works with the external I/O box? Thanks! lspci: 00:00.0 Host bri</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS" href="https://tsecurity.de/de/359454/Cybersecurity/Cybersecurity-Nachrichten/PMapper-A-Tool-For-Quickly-Evaluating-IAM-Permissions-In-AWS/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>PMapper - A Tool For Quickly Evaluating IAM Permissions In AWS</h4></a> <i>vom <time datetime="2018-08-20 22:42:17">20.08.2018 um 22:42 Uhr</time> 232.37 Punkte</i>
<br />
A project to speed up the process of reviewing an AWS account's IAM configuration.
Purpose
The goal of the AWS IAM auth system is to apply and enforce access controls on actions and resources in AWS. This tool helps identify if the policies in place will ac</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices" href="https://tsecurity.de/de/299728/Reverse-Engineering/Sicherheitsl%C3%BCcken/TA18-106A-Russian-State-Sponsored-Cyber-Actors-Targeting-Network-Infrastructure-Devices/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>TA18-106A: Russian State-Sponsored Cyber Actors Targeting Network Infrastructure Devices</h4></a> <i>vom <time datetime="2018-04-16 19:25:40">16.04.2018 um 19:25 Uhr</time> 208.16 Punkte</i>
<br />Original release date: April 16, 2018Systems Affected
Generic Routing Encapsulation (GRE) Enabled DevicesCisco Smart Install (SMI) Enabled DevicesSimple Network Management Protocol (SNMP) Enabled Network DevicesOverview
This joint Technical Alert (TA) is the result of analy</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Scrounger - Mobile Application Testing Toolkit" href="https://tsecurity.de/de/369662/Cybersecurity/Cybersecurity-Nachrichten/Scrounger-Mobile-Application-Testing-Toolkit/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Scrounger - Mobile Application Testing Toolkit</h4></a> <i>vom <time datetime="2018-09-09 23:12:28">09.09.2018 um 23:12 Uhr</time> 197.75 Punkte</i>
<br />
Scrounger - a person who borrows from or lives off others.
There is no better description for this tool for two main reasons, the first is because this tool takes inspiration from many other tools that have already been published, the second reason is because it lives off mobile application's vulnerabilities.
Why
Even t</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="StandIn - A Small .NET35/45 AD Post-Exploitation Toolkit" href="https://tsecurity.de/de/1394590/Cybersecurity/Cybersecurity-Nachrichten/StandIn-A-Small-.NET35/45-AD-Post-Exploitation-Toolkit/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>StandIn - A Small .NET35/45 AD Post-Exploitation Toolkit</h4></a> <i>vom <time datetime="2021-03-01 12:30:15">01.03.2021 um 12:30 Uhr</time> 189.79 Punkte</i>
<br />StandIn is a small AD post-compromise toolkit. StandIn came about because recently at xforcered we needed a .NET native solution to perform resource based constrained delegation. However, StandIn quickly ballooned to include a number of comfort features. </p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements" href="https://tsecurity.de/de/512378/Cybersecurity/Cybersecurity-Nachrichten/P4wnP1-A.L.O.A.-Framework-Which-Turns-A-Rapsberry-Pi-Zero-W-Into-A-Flexible-Low-Cost-Platform-For-Pentesting-Red-Teaming-And-Physical-Engagements/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>P4wnP1 A.L.O.A. - Framework Which Turns A Rapsberry Pi Zero W Into A Flexible, Low-Cost Platform For Pentesting, Red Teaming And Physical Engagements</h4></a> <i>vom <time datetime="2019-05-27 23:47:06">27.05.2019 um 23:47 Uhr</time> 173.83 Punkte</i>
<br />
P4wnP1 A.L.O.A. by MaMe82 is a framework which turns a Rapsberry Pi Zero W into a flexible, low-cost platform for pentesting, red teaming and physical engagements ... or into "A Little Offensive Appliance".0. How to installThe latest image could be fo</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Azure Cost Management + Billing updates – February 2020" href="https://tsecurity.de/de/1035411/Cybersecurity/Programmierung/Azure-Cost-Management-Billing-updates-February-2020/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Azure Cost Management + Billing updates – February 2020</h4></a> <i>vom <time datetime="2020-02-26 15:00:50">26.02.2020 um 15:00 Uhr</time> 172.31 Punkte</i>
<br />Whether you're a new student, thriving startup, or the largest enterprise, you have financial constraints and you need to know what you're spending, where, and how to plan for the future. Nobody wants a surprise when it comes to the bill, and this is</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies" href="https://tsecurity.de/de/358722/Cybersecurity/Cybersecurity-Nachrichten/DependencyCheck-v3.3.1-A-Software-Composition-Analysis-Utility-That-Detects-Publicly-Disclosed-Vulnerabilities-In-Application-Dependencies/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>DependencyCheck v3.3.1 - A Software Composition Analysis Utility That Detects Publicly Disclosed Vulnerabilities In Application Dependencies</h4></a> <i>vom <time datetime="2018-08-14 14:54:00">14.08.2018 um 14:54 Uhr</time> 170.28 Punkte</i>
<br />
Dependency-Check is a Software Composition Analysis (SCA) tool that attempts to detect publicly disclosed vulnerabilities contained within a project's dependencies. It does this by determining if there is a Common Platform Enumeration (CPE) identifier for a gi</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Some-Tools - Install And Keep Up To Date Some Pentesting Tools" href="https://tsecurity.de/de/1235516/Cybersecurity/Cybersecurity-Nachrichten/Some-Tools-Install-And-Keep-Up-To-Date-Some-Pentesting-Tools/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Some-Tools - Install And Keep Up To Date Some Pentesting Tools</h4></a> <i>vom <time datetime="2020-09-12 22:30:03">12.09.2020 um 22:30 Uhr</time> 164.74 Punkte</i>
<br />Some-ToolsWhyI was looking for a way to manage and keep up to date some tools that are not include in Kali-Linux. For exemple, I was looking for an easy way to manage privilege escalation scripts. One day I saw sec-tools from eugenekolo (which you can see at the bottom of the page) and it gave me the motivation to start working on mine right away.But keep in mind that is different. I built this for people that are working with Kali. Should work on others d</p></div></div><div class="li_similar_normal col-xs-6 col-md-4"><div class="box_similar"><p><a title="Obfuscapk - A Black-Box Obfuscation Tool For Android Apps" href="https://tsecurity.de/de/1007302/Cybersecurity/Cybersecurity-Nachrichten/Obfuscapk-A-Black-Box-Obfuscation-Tool-For-Android-Apps/?pk_campaign=klick-similar&pk_kwd=nav-similar&pk_source=klick-similar"><h4>Obfuscapk - A Black-Box Obfuscation Tool For Android Apps</h4></a> <i>vom <time datetime="2020-01-29 12:30:01">29.01.2020 um 12:30 Uhr</time> 163.83 Punkte</i>
<br />Obfuscapk is a modular Python tool for obfuscating Android apps without needing their source code, since apktool is used to decompile the original apk file and to build a new application, after applying some obfuscation techniques on the decompiled s</p></div></div></div>
</div></article><article class="block kommentar" id="box_kommentar_1126518"><div class="block-title"> <h1>Team Security Diskussion über Adding permission check for admin order edits and legacy controller to prevent unauthenticated usage</h1></div><div class="content" id="modul_kommentar_1126518"><form action="#" onsubmit="return setKommentar('setKommentar','kommentar','1126518','0');" id="setKommentar" name="frmKommentar"><br /><input type="text" id="txtEmail" name="txtEmail" placeholder="Bitte Email eingeben..."><br /><input type="text" id="txtTitle" name="txtTitle" placeholder="Bitte Titel eingeben..."> <br /><br />
<textarea id="txtKommentar" name="txtKommentar" placeholder="Diskutieren Sie über die Team Security News..." rows="4" cols="50"></textarea><br />
<input type="hidden" id="txtMenue" name="txtMenue" value="1128699"><input type="submit" name="btnSenden" value="An Diskussion teilnehmen" class="button"></form></div></article></main><aside class="col-sm-4"><article class="block stats" id="box_stats_2030887"><div class="block-title"> <h3><i class="fas fa-adjust"></i> Team Security beliebte IT Sicherheit letzte 48 Stunden</h3></div><div class="content" id="modul_stats_2030887"><ul class="modul_menue_normal"><li class="menue_side_item"><a href="/de/2/Startseite/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Startseite"><strong>➥ Startseite</strong></a> <font size="1">(28290)</font></li><li class="menue_side_item"><a href="/de/5/Cybersecurity/Cybersecurity-Nachrichten/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Cybersecurity Nachrichten"><strong>➥ Cybersecurity Nachrichten</strong></a> <font size="1">(6162)</font></li><li class="menue_side_item"><a href="/de/8/Cybersecurity/Hacker/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Hacker"><strong>➥ Hacker</strong></a> <font size="1">(8495)</font></li><li class="menue_side_item"><a href="/de/3/Allgemeines/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Allgemeines"><strong>➥ Allgemeines</strong></a> <font size="1">(6419)</font></li><li class="menue_side_item"><a href="/de/15/Betriebssysteme/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Betriebssysteme"><strong>➥ Betriebssysteme</strong></a> <font size="1">(4016)</font></li><li class="menue_side_item"><a href="/de/4/Cybersecurity/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Cybersecurity"><strong>➥ Cybersecurity</strong></a> <font size="1">(2677)</font></li><li class="menue_side_item"><a href="/de/10/Reverse-Engineering/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Reverse Engineering"><strong>➥ Reverse Engineering</strong></a> <font size="1">(2987)</font></li><li class="menue_side_item"><a href="/de/11/Reverse-Engineering/Sicherheitsl%C3%BCcken/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Sicherheitslücken"><strong>➥ Sicherheitslücken</strong></a> <font size="1">(3108)</font></li><li class="menue_side_item"><a href="/de/6/Cybersecurity/Cybersecurity-Tools/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Cybersecurity Tools"><strong>➥ Cybersecurity Tools</strong></a> <font size="1">(1661)</font></li><li class="menue_side_item"><a href="/de/16/Betriebssysteme/Windows-Tipps/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-DAY_48&pk_source=nav-menu-stats" title="Windows Tipps"><strong>➥ Windows Tipps</strong></a> <font size="1">(2073)</font></li></ul></div></article><article class="block stats" id="box_stats_2030888"><div class="block-title"> <h3><i class="fas fa-adjust"></i> Team Security beliebte IT Sicherheit letzte 30 Tage</h3></div><div class="content" id="modul_stats_2030888"><ul class="modul_menue_normal"><li class="menue_side_item"><a href="/de/1413710/Reverse-Engineering/Sicherheitsl%C3%BCcken/CVE-2021-1287/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="CVE-2021-1287"><strong>➥ CVE-2021-1287</strong></a> <font size="1">(17004)</font></li><li class="menue_side_item"><a href="/de/1420628/Betriebssysteme/Windows-Tipps/New-Spotify-experience-aligns-its-desktop-and-web-versions/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="New Spotify experience aligns its desktop and web versions"><strong>➥ New Spotify experience aligns its desktop and web versions</strong></a> <font size="1">(18656)</font></li><li class="menue_side_item"><a href="/de/2/Startseite/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Startseite"><strong>➥ Startseite</strong></a> <font size="1">(207772)</font></li><li class="menue_side_item"><a href="/de/1415379/Allgemeines/Viele-machen-den-Fehler-Warum-Sie-niemals-einen-kostenlosen-VPN-Dienst-nutzen-sollten/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Viele machen den Fehler: Warum Sie niemals einen kostenlosen VPN-Dienst nutzen sollten"><strong>➥ Viele machen den Fehler: Warum Sie niemals einen kostenlosen VPN-Dienst nutzen sollten</strong></a> <font size="1">(11522)</font></li><li class="menue_side_item"><a href="/de/1417615/Allgemeines/Fortnite-startet-Lama-Rama-Event-So-sichert-ihr-euch-dort-5-coole-Items/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Fortnite startet „Lama Rama-Event“ – So sichert ihr euch dort 5 coole Items"><strong>➥ Fortnite startet „Lama Rama-Event“ – So sichert ihr euch dort 5 coole Items</strong></a> <font size="1">(8242)</font></li><li class="menue_side_item"><a href="/de/1414427/Betriebssysteme/Linux-Tipps/Why-Does-USB-Only-Fit-One-Way-Why-Wasnt-It-Originally-Designed-To-Be-Reversible/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Why Does USB Only Fit One Way? Why Wasn’t It Originally Designed To Be Reversible?"><strong>➥ Why Does USB Only Fit One Way? Why Wasn’t It Originally Designed To Be Reversible?</strong></a> <font size="1">(9641)</font></li><li class="menue_side_item"><a href="/de/1415418/Allgemeines/Xbox-Series-XS-Dolby-Vision-Gaming-startet-Alpha-Ring/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Xbox Series X|S: Dolby Vision Gaming startet (Alpha Ring)"><strong>➥ Xbox Series X|S: Dolby Vision Gaming startet (Alpha Ring)</strong></a> <font size="1">(6364)</font></li><li class="menue_side_item"><a href="/de/1423951/Server/Unix-Server/USN-4894-1-WebKitGTK-vulnerabilities/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="USN-4894-1: WebKitGTK vulnerabilities"><strong>➥ USN-4894-1: WebKitGTK vulnerabilities</strong></a> <font size="1">(5015)</font></li><li class="menue_side_item"><a href="/de/1421180/Allgemeines/Warner-Music-and-Rothco-launch-Saylists-on-Apple-Music-to-aid-speech-therapy/?pk_campaign=nav-menu-stats&pk_kwd=nav-menu-stats-MONTH_1&pk_source=nav-menu-stats" title="Warner Music and Rothco launch Saylists on Apple Music to aid speech therapy"><strong>➥ Warner Music and Rothco launch Saylists on Apple Music to aid speech therapy</strong></a> <font size="1">(3332)</font></li></ul></div></article></aside></div>
</div>
</div>
</div>
<div style="clear:both"></div>
<footer>
<div class="footer">
<div style="float:left;width:32%;margin-right:30px">
<h2>Informationsportal Team IT Security - Social Media</h2>
<ul>
<li><a rel="noopener" title="Team IT Security auf Facebook folgen" href="https://www.facebook.com/tsec0/">Team IT Security Nachrichtenportal auf <u>Facebook</u> folgen</a></li>
<li><a rel="noopener" title="Team IT Security auf Github folgen" href="https://github.com/thE-iNviNciblE">Team IT Security Nachrichtenportal auf <u>Github</u> folgen</a></li>
</ul><br />
Email: <a href="/cdn-cgi/l/email-protection#f0999e969fb0848395938582998489de9495"><span class="__cf_email__" data-cfemail="deb7b0b8b19eaaadbbbdabacb7aaa7f0babb">[email&#160;protected]</span></a> schreiben (24 / 7)<br />
</div>
<div style="float:left;width:32%">
<h2>&Uuml;ber Informationsportal Team IT Security</h2>
<ul>
<li><a title="Ãœber IT Security Team" href="/de/3612/Ueber-TSEC/">Team IT Security Nachrichtenportal <u>Sitemap</u></a></li>
<li><a title="Impressum IT Security Team" href="/de/2657/Impressum/">Team IT Security Nachrichtenportal <u>Impressum</u></a></li>
<li><a title="Datenschutz IT Security Team" href="/de/852168/RSS-Feed-hinzufuegen/Datenschutz/">Team IT Security Nachrichtenportal <u>Datenschutz</u></a></li>
</ul>
</div>
<style media="all">ul{padding:0;list-style-type:none}#menuToggle{display:flex;flex-direction:column;position:relative;top:25px;z-index:1;-webkit-user-select:none;user-select:none}#menuToggle input{display:flex;width:40px;height:32px;position:absolute;cursor:pointer;opacity:0;z-index:2}#menuToggle span{display:flex;width:29px;height:2px;margin-bottom:5px;position:relative;background:#fff;border-radius:3px;z-index:1;transform-origin:5px 0;transition:transform .5s cubic-bezier(.77,.2,.05,1.0) , background .5s cubic-bezier(.77,.2,.05,1.0) , opacity .55s ease}#menuToggle span:first-child{transform-origin:0% 0%}#menuToggle span:nth-last-child(2)
{transform-origin:0% 100%}#menuToggle input:checked ~ span
{opacity:1;transform:rotate(45deg) translate(-3px,-1px);background:#36383f}#menuToggle input:checked ~ span:nth-last-child(3)
{opacity:0;transform:rotate(0deg) scale(.2,.2)}#menuToggle input:checked ~ span:nth-last-child(2)
{transform:rotate(-45deg) translate(0,-1px)}#menu{}ul#menu{right:40px}ul#menu li{list-style:none;margin-top:1px;padding:10px 0;padding-left:15px;transition-delay:2s}ul#menu>ul>li{padding-left:15px 0;transition-delay:2s;font-weight:normal}#menuToggle input:checked ~ ul
{transform:none}.mouseenter{position:relative;left:300px;box-shadow:0 0 10px #85888c;margin:-50px 0 0 -50px;padding:50px;padding-top:125px;background-color:#f5f6fa;-webkit-font-smoothing:antialiased;overflow:auto;height:250px}</style>

<script data-cfasync="false" src="/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js"></script><script defer src="/templates/tsecurity.de/js/jquery_user_main.js.pagespeed.ce.2WKSDIZZg4.js"></script>
<script async src="https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.1/cookieconsent.min.js"></script>
<link rel="stylesheet" type="text/css" href="//cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.1.0/cookieconsent.min.css" />
<script>$(document).ready(function(){if(detectmob()==true){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"50px","left":"-650px","width":"360px","top":"950px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});}else{$("#menu").css({"position":"fixed","width":"180px","height":"400px","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-105%, 0%)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"","display":"none","left":"115px","top":"150px","z-index":"9999"});}window.addEventListener("load",function(){window.cookieconsent.initialise({"palette":{"popup":{"background":"#000"},"button":{"background":"#f1d600"}},"content":{"message":"Diese Webseite verwendet Cookies. Wenn Sie diese Webseite weiterhin besuchen, stimmen Sie der Nutzung von Cookies zu. Weitere Informationen finden Sie unter Datenschutz","dismiss":"Habe verstanden","link":"Weitere Informationen","href":"https://tsecurity.de/de/2658/Datenschutzerklaerung/"}})});});</script>
</div>
<div class="footer">
<h2>IT Sicherheit Nachrichten - RSS Nachrichtenportal</h2>
<ul>
<li><a href="https://tsecurity.de/it-security-feed/" title="Die Cyber IT Security Informationsportal  - RSS Quelle Alle Webseiten Nachrichten"><img alt="RSS-Feed" src="/image/xrss-small.png.pagespeed.ic.ybioT2SH_c.png" /> Team IT Security alle IT Nachrichten | Nachrichtenportal</a></li>
<li><a href="https://tsecurity.de/tsec-nachrichten/" title="Das Cyber IT Security Informationsportal - RSS Quelle Blog Beiträge | News"><img alt="RSS-Feed" src="/image/xrss-small.png.pagespeed.ic.ybioT2SH_c.png" /> Team IT Security Nachrichtenportal IT Nachrichten</a></li>
<li><a href="https://validator.w3.org/feed/check.cgi?url=https%3A//tsecurity.de/it-security-feed/Alle-Kategorien%257C1"><img src="/image/xvalid-rss-rogers.png.pagespeed.ic.6VoqfvSa6w.png" alt="[Valid RSS]" title="Validate my RSS feed" /></a></li>
<ul>
<span style="float:right">&copy; <a title="Informationsportal Team IT Security - Das Cyber IT Security Nachrichtenportal im Web" href="https://tsecurity.de">2015-2020 Team IT Security - Das IT Security Nachrichtenportal im Web</a></span>
</div>

</footer>
<script>$(document).ready(function(){$("#menuToggle").click(function(){if($(".menu_clicked")[0]!='undefined'){$("#togglemenu").prop('checked',true);$("#menu").addClass("menu_clicked");$("#menu").removeAttr("style");if(detectmob()==true){if($('#togglemenu').is(':checked')){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-15px 0px 0px -15px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","overflow":"auto","right":"-","width":"100%","height":"100%","top":"-340px","left":"","z-index":"9999","transform":"","transform-origin":""});}}else{if($('#togglemenu').is(':checked')){}}}else{alert($(".menu_clicked")[0]);$("#menu").removeClass("menu_clicked");$("#togglemenu").prop('checked',false);if(detectmob()==true){$("#menu").css({"position":"relative","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"50px","left":"-650px","width":"360px","top":"50px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});}}});if(detectmob()==false){$("#menu").mouseenter(function(){if($(".mouseenter")[0]){}else{$("#menu").css({"display":"","position":"fixed","z-index":"9999","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"400px","left":"650px","width":"550px","top":"150px","transform-origin":"0px 0px","transform":"translate(-650px, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)",});$("#menu").addClass("mouseenter");$(".fa-angle-right").css({"display":"none"});}});$("#menu").mouseleave(function(){if($(".mouseenter")[0]){$("#menu").removeAttr("style");$("#menu").removeClass("mouseenter");$("#menu").css({"display":"","position":"fixed","z-index":"9999","width":"180px","height":"400px","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-650px, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"","left":"115px","top":"150px"});$(".fa-angle-right").css({"font-size":"100px","position":"fixed","top":"37.5%","left":"0.5%","z-index":"1000","display":""});}else{}});}if(detectmob()==false){$(".fa-angle-right").mouseenter(function(){if($(".mouseenter")[0]){}else{$("#menu").css({"display":"","position":"fixed","box-shadow":"0 0 10px #85888C","margin":"-50px 0 0 -50px","padding":"50px","padding-top":"125px","-webkit-font-smoothing":"antialiased","transform-origin":"0% 0%","transform":"translate(-100%, 0)","transition":"transform 0.5s cubic-bezier(0.77,0.2,0.05,1.0)","overflow":"auto","height":"400px","left":"750px","width":"550px","top":"150px","z-index":"9999","transform":"translate(-100%,0%)","transform-origin":"5px 0px","transition":"transform 1.5s cubic-bezier(0.77,0.2,0.05,1.0),background 0.5s cubic-bezier(0.77,0.2,0.05,1.0),opacity 1.55s ease;"});$(".fa-angle-right").css({"display":"none"});}});}else{$(".fa-angle-right").css({"display":"none"});}});</script>
</div>
<script async src="/templates/tsecurity.de/js/jquery_user_main.js.pagespeed.ce.2WKSDIZZg4.js"></script>

<link rel="stylesheet" href="/framework/fontawesome/css/A.all.css.pagespeed.cf.QWq7o9BlSb.css">
<script type="text/javascript">(function(){window['__CF$cv$params']={r:'63eeee3e9fabcec4',m:'61d28cb4678011e524dea40394ac0cf598ce071a-1618256482-1800-AfYWRXVr2J/0QveCHX087RqglaNOMsUvfcr6HcCCSzOqDk6DrEIul/DNCGlrulqQHiLLsFJuuC+HMOCRNV5mqgTdytdtYRCp9Kii4pFWfiIZNU2F8VV1AOlTb7yWd6uwlfDHgbJYl1OyJBdK0DOCy9vfM/RE5JM8K1a9jQgXzH/AdVYcKB98CEiZH2T47kAObZMCwR7FN9zkPgkdChq8I1RQ4S1a8fGl0NT/KjoMepfhgeb9krmhZhkXrueEtDV1GkutuRJwBJFG14d9FjejBiuInevqyc/pnkIuibBeNFhPFDl1Vf+slFcP4NnBPGoe1w==',s:[0xf1bf3c4c1c,0x6534058fd7],}})();</script></body>
</html>