Описание
viewcart in Midicart accepts negative numbers in the Qty (quantity) field, which allows remote attackers to obtain a smaller total price for a shopping cart.
Ссылки
- ExploitPatchURL Repurposed
- Vendor Advisory
- ExploitPatchURL Repurposed
- Vendor Advisory
Уязвимые конфигурации
Конфигурация 1
cpe:2.3:a:midicart_software:midicart_php_shopping_cart:*:*:*:*:*:*:*:*
EPSS
Процентиль: 68%
0.0057
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other
Связанные уязвимости
github
почти 4 года назад
viewcart in Midicart accepts negative numbers in the Qty (quantity) field, which allows remote attackers to obtain a smaller total price for a shopping cart.
EPSS
Процентиль: 68%
0.0057
Низкий
5 Medium
CVSS2
Дефекты
NVD-CWE-Other