CVE-2026-2165 | detronetdip E-commerce 1.0.0 Account Creation Endpoint add_seller.php email missing authentication (Issue 23)

A vulnerability was found in detronetdip E-commerce 1.0.0 and classified as critical. Impacted is an unknown function of the file /Admin/assets/backend/seller/add_seller.php of the component Account Creation Endpoint. Executing a manipulation of the argument email can lead to missing authentication.

This vulnerability is handled as CVE-2026-2165. The attack can be executed remotely. Additionally, an exploit exists.

The project was informed of the problem early through an issue report but has not responded yet.

CVE-2026-2165 | detronetdip E-commerce 1.0.0 Account Creation Endpoint add_seller.php email missing authentication (Issue 23)

Post correlati

CVE-2025-14721 | Responsive and Swipe Slider Plugin up to 1.0.2 on WordPress Shortcode cross site scripting

CVE-2024-37126 | Dell PowerScale OneFS up to 9.7.0.0/9.7.0.2/9.7.0.3/9.8.0.0 privileges management (dsa-2024-255)

CVE-2024-8601 | TechExcel Software Solutions Back Office Software 0.x API Endpoint authorization (CIVN-2024-0285)

CVE-2025-65676 | Classroomio LMS 0.1.13 SVG Cover Image cross site scripting