Lucene search
K

867 matches found

EUVD
EUVD
added 2026/06/29 1:30 p.m.7 views

EUVD-2026-40095

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument itemprice can lead to business logic errors. The attack may be performed from remote. The exploit has been published...

6.9CVSS5.7AI score0.00383EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/29 1:30 p.m.31 views

CVE-2026-13571 SourceCodester Simple Food Ordering System cart.php logic error

A flaw has been found in SourceCodester Simple Food Ordering System 1.0. The affected element is an unknown function of the file /cart.php. Executing a manipulation of the argument itemprice can lead to business logic errors. The attack may be performed from remote. The exploit has been published...

6.9CVSS0.00383EPSS
Exploits0References6
OSV
OSV
added 2026/06/29 11:50 a.m.6 views

PYSEC-2026-307 calibre-web is vulnerable to Business Logic Errors

calibre-web is vulnerable to Business Logic Errors...

9.8CVSS7.1AI score0.01375EPSS
Exploits1References6
CVE
CVE
added 2026/06/26 7:47 p.m.10 views

CVE-2026-44733

CVE-2026-44733 affects OpenProject (open-source, web-based project management software). Before versions 17.3.2 and 17.4.0 , a Business Logic Error via PATCH to /api/v3/users/me could bypass password requirements. A password validation flaw in the change-password flow allowed password changes onl...

5.9CVSS5.8AI score0.00175EPSS
Exploits0References1
NVD
NVD
added 2026/06/17 10:54 a.m.8 views

CVE-2026-46903

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards component: Business Logic Infrastructure Security. Supported versions that are affected are 9.2.0.0-9.2.26.2. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise...

8.8CVSS0.00402EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/16 12:0 a.m.16 views

PT-2026-50010

Name of the Vulnerable Software and Affected Versions JD Edwards EnterpriseOne Tools versions 9.2.0.0 through 9.2.26.2 Description An issue exists in the Business Logic Infrastructure Security component of JD Edwards EnterpriseOne Tools. A low privileged attacker with network access via HTTP can...

8.8CVSS5.9AI score0.00402EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/06/09 2:58 a.m.20 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS4.6AI score0.0022EPSS
Exploits0References1
NVD
NVD
added 2026/06/07 11:16 p.m.11 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS0.0022EPSS
Exploits0References7
Cvelist
Cvelist
added 2026/06/07 10:45 p.m.29 views

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS0.0022EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2026/06/07 10:45 p.m.6 views

CVE-2026-11465

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS4.6AI score0.0022EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/06/07 10:45 p.m.10 views

CVE-2026-11465 songquanpeng one-api Redemption Code Top-Up Endpoint redemption.go Redeem logic error

A security flaw has been discovered in songquanpeng one-api up to 0.6.11-preview.7. Affected by this issue is the function Redeem of the file model/redemption.go of the component Redemption Code Top-Up Endpoint. The manipulation results in business logic errors. The attack may be launched remotel...

3.1CVSS4.6AI score0.0022EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/06/07 12:0 a.m.18 views

PT-2026-47196

Name of the Vulnerable Software and Affected Versions songquanpeng one-api versions prior to 0.6.11-preview.7 Description A business logic error exists in the Redemption Code Top-Up Endpoint. The issue is located within the Redeem function of the model/redemption.go file. This flaw allows for...

3.1CVSS5.2AI score0.0022EPSS
Exploits0References10
RedhatCVE
RedhatCVE
added 2026/06/05 7:49 p.m.10 views

CVE-2026-5812

A security flaw has been discovered in SourceCodester Pharmacy Product Management System 1.0. This affects an unknown part of the file add-sales.php of the component POST Parameter Handler. Performing a manipulation of the argument txtqty results in business logic errors. It is possible to initia...

5.5CVSS5.6AI score0.00241EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:34 p.m.13 views

CVE-2026-1274

IBM Guardium Data Protection 12.0, 12.1, and 12.2 is vulnerable to a Bypass Business Logic vulnerability in the access management control panel...

4.9CVSS5.5AI score0.003EPSS
Exploits0References1
Atlassian
Atlassian
added 2026/06/02 4:29 p.m.9 views

Business Logic Vulnerability Apache Tomcat Dependency in Confluence Data Center

This High severity Business Logic vulnerability was introduced in versions 6.13.0, 7.4.0, 7.13.0, 7.19.0, 8.9.0, 9.0.1, 9.1.0, 9.2.0, 9.3.1, 9.4.0, 9.5.1, 10.0.2, 10.1.0 and 10.2.0 of Confluence Data Center. This Business Logic vulnerability, with a CVSS Score of 7.5 and a CVSS Vector of...

7.5CVSS5.3AI score0.00467EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/05/28 8:12 a.m.13 views

CVE-2026-44410

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS5.8AI score0.00131EPSS
Exploits0References1
GithubExploit
GithubExploit
added 2026/05/27 10:59 a.m.108 views

Hunting-Bugs

2026 Practical Bug Bounty Guide Built on real-world experie...

5.8AI score
Exploits0
NVD
NVD
added 2026/05/26 10:16 a.m.12 views

CVE-2026-44410

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS0.00131EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/05/26 9:39 a.m.12 views

CVE-2026-44410

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS5.8AI score0.00131EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/05/26 9:39 a.m.41 views

CVE-2026-44410 Function Abusement Vulnerability in ZTE ZXUniPOS NDS-LTE

This vulnerability stems from a business logic flaw.Attackers can exploit legitimate application functions in unintended and abnormal ways, deviating from the designer's expectations, to carry out malicious attacks...

3.8CVSS0.00131EPSS
Exploits0References1
Rows per page
Query Builder