| Field | Value |
|---|---|
| Title | innocommerce innoshop <= 0.7.3 Missing Authorization |
| Description | InnoShop v0.7.3 and earlier is vulnerable to a pre-authentication application reinstall takeover. The installation endpoint POST /install/complete remains accessible without any authentication or CSRF protection after the application has been fully installed. An unauthenticated remote attacker can exploit this to overwrite the .env configuration file, execute migrate:fresh to drop all database tables (causing complete data loss), and create a new administrator account with attacker-controlled credentials, resulting in full system takeover. The root cause is that InstallServiceProvider::boot() unconditionally registers installation routes without checking the installed() status. |
| Source | https://github.com/innocommerce/innoshop/issues/314 |
| User | anch0r (UID 96691) |
| Submission | 16/04/2026 14:38 (2 months ago) |
| Moderation | 01/05/2026 16:28 (15 days later) |
| Status | accepted |
| VulDB Entry | 360576 [innocommerce InnoShop up to 0.7.8 Installation Endpoint InstallServiceProvider.php boot weak authentication] |
| Points | 20 |