Bug Report

SubAdmin Secirity Improve

Priority: high  |  Version : 2.3.1 RC10  |   Date : 2015-10-06   |   User : Foysal Mahmud   |   Vote : 1   |   Implemented in Version :    

Today i have create an admin and admin role with un-ticked all (Means we don't provide any admin role permissions) Lets see That admin id can access some of page without permitted. User can search Intelligent Search by username or email without permit User can search Intelligent Search by username or email then admin can view user 'Activity Log' without permit Dashboard > Offline Gateway Unpaid Invoices Dashboard > IP Search Products/Services > Catalog Cart > Quick Edit Products Products/Services > Catalog Cart > List Product Group Point Of Sales > Sales Orders > IMEI Orders > Accepted IMEI Orders > Verify For API (User can access without permission) CMS > Gallery CMS > Template Editor Reports/Graph > Staff Summary Utilities > E-Mail Black List Utilities > Download Log Utilities > Activity Log Utilities > Fraud Cage Help > Self Update Help > Keyboard Shortcuts Above all of admin can access without permission.

Comments (0)

Login to post comments

Google+ RSS
Google Post

© Sanvi Software Ptv Ltd 2016 | Dhru™ | Smart Lifestyle™ | Dhru Cloud™

Privacy Policy | TOC

Go to TopBack to Top