4 matches found
BBCBuilder e-commerce system has design flaws
BBCbuilder is a new model of b2b2c e-commerce system built by Yuanfeng Company. BBCBuilder e-commerce system has a logical design vulnerability. An attacker can modify the number of products purchased after logging in and then modify the payment amount by grabbing packets...
Arbitrary User Password Reset Vulnerability in BBCBuilder E-Commerce System
BBCBuilder e-commerce system is a b2b2c model developed by Yuanfeng Company, which supports the e-commerce system of platform self-supporting and supplier store coexistence mode. BBCBuilder e-commerce system version 2.6.1, there is an arbitrary user password reset vulnerability, attackers use the...
Cross-Site Request Forgery Vulnerability in the User Center of BBCBuilder E-Commerce System
BBCBuilder e-commerce system is a b2b2c model developed by Yuanfeng Company, which supports the e-commerce system of platform self-supporting and supplier store coexistence mode. A cross-site request forgery vulnerability exists in the user center of the BBCBuilder e-commerce system, which allows...
Arbitrary User Registration Vulnerability in BBCBuilder E-Commerce System
BBCBuilder is a b2b2c model developed by Yuanfeng Company, which supports the e-commerce system of platform self-supporting and supplier store coexistence mode. Version 2.6.1 of the BBCBuilder e-commerce system contains an arbitrary user registration vulnerability that allows an attacker to...