CVE-2026-2165 – detronetdip E-commerce Account Creation Endpoint add_seller.php missing authentication

CVE ID : CVE-2026-2165

Published : Feb. 8, 2026, 4:32 p.m. | 47 minutes ago

Description : A weakness has been identified in detronetdip E-commerce 1.0.0. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Executing a manipulation of the argument email can lead to missing authentication. The attack can be executed remotely. The exploit has been made available to the public and could be used for attacks. The project was informed of the problem early through an issue report but has not responded yet.

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

آسیب‌پذیری‌های جدید و وصله‌های امنیتی به‌صورت مداوم منتشر می‌شوند و عدم بروزرسانی به‌موقع می‌تواند امنیت سرویس‌های حیاتی را به خطر بیندازد. خدمات مدیریت و پشتیبانی سرور آفاق هاستینگ شامل پایش امنیتی، بروزرسانی نرم‌افزارها، نصب Patchهای امنیتی و سخت‌سازی سرورها است.

خدمات مدیریت و امنیت سرور

نوشته های مشابه

CVE-2026-2053 – Unauthenticated Server-Side Request Forgery via WS-Addressing in WSO2 API Manager

CVE-2026-57874 – GV-LPC2011/LPC2211 – unauthorized buffer overflow vulnerability (IEEE8021x_upload.cgi)

CVE-2026-57873 – GV-LPC2011/LPC2211 – unauthorized null pointer dereference vulnerability (IEEE8021x_upload.cgi)

CVE-2026-57872 – GV-LPC2011/LPC2211 – unauthorized directory traversal vulnerability (get_fcont.cgi)