exploitDog

GHSA-9v6r-6rm8-hx38

Опубликовано: 08 янв. 2026

Источник: github

Github: Не прошло ревью

CVSS3: 9.1

Описание

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible due to reliance on client-side input validation controls.

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible due to reliance on client-side input validation controls.

Ссылки

EPSS

Процентиль: 13%

0.00044

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-20

Связанные уязвимости

CVE-2025-61546

CVSS3: 9.1

nvd

около 1 месяца назад

There is an issue on the /PSP/appNET/Store/CartV12.aspx/GetUnitPrice endpoint in edu Business Solutions Print Shop Pro WebDesk version 18.34 that enables remote attacker to create financial discrepancies by purchasing items with a negative quantity. This vulnerability is possible due to reliance on client-side input validation controls.

EPSS

Процентиль: 13%

0.00044

Низкий

9.1 Critical

CVSS3

CVE ID

Дефекты

CWE-20