CVE-2019-8292

Online Store System v1.0 delete_product.php doesn’t check to see if a user authtenticated or has administrative rights allowing arbitrary product deletion.
Source: NIST
CVE-2019-8292