exploitDog - Комплексное решение для обнаружения, оценки и устранения уязвимостей.

БДУ ФСТЭК

Microsoft MSRC

NVD

Oracle ELSA

Red Hat CVE

РЕД ОС

Rocky RLSA

SUSE CVRF

Ubuntu

Debian

Github

Количество 2

CVE-2008-7310

почти 14 лет назад

Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.

CVSS2: 5

EPSS: Низкий

GHSA-7h48-m3rw-vr27

больше 3 лет назад

Spree does not properly restrict the use of a hash to provide values for a model's attributes

EPSS: Низкий

Уязвимостей на страницу

	Уязвимость	CVSS	EPSS	Опубликовано
	CVE-2008-7310 Spree 0.2.0 does not properly restrict the use of a hash to provide values for a model's attributes, which allows remote attackers to set the Order state value and bypass the intended payment step via a modified URL, related to a "mass assignment" vulnerability.	CVSS2: 5	0% Низкий	почти 14 лет назад
	GHSA-7h48-m3rw-vr27 Spree does not properly restrict the use of a hash to provide values for a model's attributes		0% Низкий	больше 3 лет назад

Уязвимостей на страницу