CVE-2026-2165
Awaiting Analysis - Queue
Authentication Bypass via Email Manipulation in Detronetdip E-commerce

Publication date: 2026-02-08

Last updated on: 2026-04-29

Assigner: VulDB

Description
A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Executing a manipulation of the argument email can lead to missing authentication. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.
Meta Information
Published: 2026-02-08
Last Modified: 2026-04-29
Generated: 2026-05-27
AI Q&A: 2026-02-08
EPSS Evaluated: 2026-05-25
Affected Vendors & Products
Showing 1 associated CPE

Vendor        Product       Version / Range
detronetdip   e-commerce    1.0.0
CWE

CWE ID    Description
CWE-287   When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct.
CWE-306   The product does not perform any authentication for functionality that requires a provable user identity or consumes a significant amount of resources.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

I don't know


Can you explain this vulnerability to me?

CVE-2026-2165 is a critical security vulnerability in detronetdip E-commerce version 1.0.0, specifically in the backend PHP script located at /Admin/assets/backend/seller/add_seller.php. The vulnerability arises because this script lacks any authentication or session validation checks, allowing attackers to bypass authentication entirely.

The script assumes it is only accessed through the Admin Dashboard UI, which is protected by login, but it does not verify if the requestor is an authenticated administrator. As a result, an attacker can send direct HTTP POST requests with parameters like email, password, and mobile to create active seller accounts in the database without any authorization.

This missing authentication flaw is classified under CWE-306 (Missing Authentication for Critical Function) and allows unauthorized users to create accounts that should only be created by administrators.


How can this vulnerability impact me?

This vulnerability can have several serious impacts:

  • Attackers can bypass admin login and registration approval workflows to create active user or seller accounts without authorization.
  • It enables privilege escalation by granting attackers access to the seller dashboard, which can be used for further exploitation such as Insecure Direct Object References (IDOR).
  • The system can be flooded with fake accounts, leading to spam, fraud, degraded performance, and increased management complexity.
  • Confidentiality, integrity, and availability of the application can be compromised due to unauthorized access and manipulation.

How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking whether the backend endpoint `/Admin/assets/backend/seller/add_seller.php` is accessible without authentication and accepts unauthenticated POST requests to create new seller accounts.

One way to detect it on your network or system is to send a crafted POST request to the vulnerable endpoint with parameters such as `email`, `pass`, and `mobile` and observe whether the server responds with a success indicator (e.g., response '1').

Additionally, you can use Google dorking to locate vulnerable instances by searching for URLs containing `inurl:Admin/assets/backend/seller/add_seller.php`.

  • Example curl command to test the vulnerability: `curl -X POST -d "[email protected]&pass=password123&mobile=0000000000" https://targetsite.com/Admin/assets/backend/seller/add_seller.php`
  • If the response is '1' or indicates success without authentication, the vulnerability is present.

[1, 2, 4]
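For defenders who cannot probe the application, the same condition can be hunted for after the fact in the web server's access log: the endpoint answers '1' on success, so a 1-byte 200 response to a POST on add_seller.php that did not arrive from the admin dashboard, or that repeats in a burst from one client, is a likely unauthorized account creation. The following is an added example (not part of the advisory or the project) that parses constructed Apache combined-format lines; the hostname `shop.example`, the dashboard prefix `/Admin/` and the sample traffic are assumptions.

```python
import re
from collections import Counter

ENDPOINT = "/Admin/assets/backend/seller/add_seller.php"

# Assumed hostname of the deployment and path prefix of its admin dashboard pages.
SITE_HOST = "shop.example"
ADMIN_UI_PREFIX = "/Admin/"

# Constructed sample lines in Apache "combined" format; this is not real traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [08/Feb/2026:10:01:02 +0000] "POST /Admin/assets/backend/seller/add_seller.php HTTP/1.1" 200 1 "-" "curl/8.5.0"
203.0.113.7 - - [08/Feb/2026:10:01:03 +0000] "POST /Admin/assets/backend/seller/add_seller.php HTTP/1.1" 200 1 "-" "curl/8.5.0"
203.0.113.7 - - [08/Feb/2026:10:01:04 +0000] "POST /Admin/assets/backend/seller/add_seller.php HTTP/1.1" 200 1 "-" "curl/8.5.0"
198.51.100.20 - - [08/Feb/2026:10:05:00 +0000] "POST /Admin/assets/backend/seller/add_seller.php HTTP/1.1" 200 1 "https://shop.example/Admin/seller.php" "Mozilla/5.0"
192.0.2.9 - - [08/Feb/2026:10:07:00 +0000] "GET /index.php HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<path>\S+)[^"]*" '
    r'(?P<status>\d{3}) (?P<size>\S+) "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

def parse_line(line):
    """Parse one combined-format line into a dict, or None if it does not match."""
    m = LOG_RE.match(line)
    return m.groupdict() if m else None

def find_suspicious_seller_creation(log_text, burst_threshold=3):
    """Flag POSTs to the account-creation endpoint that did not come from the
    admin dashboard, or that arrive in bursts from one client (fake-account flooding)."""
    hits = [r for r in map(parse_line, log_text.splitlines())
            if r and r["method"] == "POST" and r["path"].split("?", 1)[0] == ENDPOINT]
    per_ip = Counter(r["ip"] for r in hits)
    dashboard = f"https://{SITE_HOST}{ADMIN_UI_PREFIX}"
    findings = []
    for r in hits:
        reasons = []
        if not r["referer"].startswith(dashboard):
            reasons.append("no admin-dashboard referer")
        if per_ip[r["ip"]] >= burst_threshold:
            reasons.append(f"{per_ip[r['ip']]} creations from one client")
        if reasons:
            findings.append({
                "ip": r["ip"], "ts": r["ts"],
                # the endpoint replies with the single character '1' on success
                "account_created": r["status"] == "200" and r["size"] == "1",
                "reasons": reasons,
            })
    return findings

if __name__ == "__main__":
    for f in find_suspicious_seller_creation(SAMPLE_LOG):
        print(f"{f['ts']} {f['ip']} created={f['account_created']} {'; '.join(f['reasons'])}")
```

The Referer heuristic only triages, since a client can set any Referer; each flagged creation should be reconciled against the seller table and the admin session log before the account is removed.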


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation involves enforcing authentication and session validation on the vulnerable backend scripts to prevent unauthenticated access.

Specifically, add session management and access control checks at the start of the affected PHP files such as `add_seller.php` and `add_user.php`.

  • Add the following code snippet at the top of the vulnerable PHP files to enforce admin authentication:

```php
// Reject the request unless the caller holds an authenticated admin session.
session_start();
if (!isset($_SESSION['IS_LOGIN_ADMIN']) || $_SESSION['IS_LOGIN_ADMIN'] !== "YES") {
    http_response_code(403);
    die("Unauthorized Access");
}
```

This ensures that only authenticated administrators can execute these critical functions, mitigating the broken access control vulnerability.

If patching is not immediately possible, consider restricting access to these backend endpoints via network controls such as firewall rules or IP whitelisting to limit exposure.

Replacing the affected component with a secure alternative is also recommended if no official patch or fix is available.

[1, 2, 4]

