Lucene search
+L

62 matches found

NVD
NVD
added 2025/10/09 4:15 p.m.7 views

CVE-2025-56426

An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly...

6.5CVSS0.00382EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/10/09 12:0 a.m.2 views

CVE-2025-56426

An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly...

7.6AI score0.00382EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/10/09 12:0 a.m.11 views

CVE-2025-56426

An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly...

0.00382EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2025/10/09 12:0 a.m.6 views

PT-2025-41401

Name of the Vulnerable Software and Affected Versions WebKul Bagisto version 2.3.6 Description A flaw exists that enables remote code execution through the Cart/Checkout API endpoint. The price calculation logic does not properly validate the quantity of items, allowing for potential code...

6.5CVSS8.1AI score0.00382EPSS
Exploits1References6
CVE
CVE
added 2025/10/09 12:0 a.m.21 views

CVE-2025-56426

Summary: CVE-2025-56426 affects WebKul Bagisto v2.3.6. The issue resides in the Cart/Checkout API’s price calculation logic, where quantity inputs are not properly validated, enabling remote code execution. All sources consistently describe a vulnerability that could be exploited via the Cart/Che...

6.5CVSS7.6AI score0.00382EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/10/09 12:0 a.m.4 views

CVE-2025-56426

An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly...

6.5CVSS8AI score0.00382EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2025/09/10 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2022-0414

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Improper Validation of Specified Quantity in Input in Packagist dolibarr/dolibarr prior to 16.0. CVE-2022-0414 Note that Nessus relies on the presence of the...

4.3CVSS5AI score0.00914EPSS
Exploits1References2
NVD
NVD
added 2025/09/09 5:15 p.m.7 views

CVE-2025-32689

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through = 2.8.2...

7.5CVSS0.00308EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/09 4:25 p.m.14 views

CVE-2025-32689 WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through = 2.8.2...

7.5CVSS0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/09 4:25 p.m.5 views

CVE-2025-32689 WordPress Download Manager and Payment Form plugin <= 2.8.2 - Price Manipulation vulnerability

Improper Validation of Specified Quantity in Input vulnerability in Convers Lab WP SmartPay smartpay.This issue affects WP SmartPay: from n/a through = 2.8.2...

7.5CVSS5.2AI score0.00308EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/09 12:0 a.m.6 views

WordPress plugin WP SmartPay 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...

7.5CVSS6.6AI score0.00308EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.2 views

CVE-2025-58835 WordPress Bonus for Woo plugin <= 7.6.6 - Other vulnerability Type vulnerability

Improper Validation of Specified Quantity in Input vulnerability in calliko Bonus for Woo bonus-for-woo allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Bonus for Woo: from n/a through = 7.6.6...

5.3CVSS5.9AI score0.00268EPSS
Exploits0References1
Snyk
Snyk
added 2025/05/28 4:41 p.m.1 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input via the page preview functionality. An attacker can access unpublished content and potentially expose sensitive information by exploiting predictable URLs without proper authorization...

6.9CVSS6.7AI score0.00298EPSS
Exploits0References2
Snyk
Snyk
added 2025/04/21 1:40 a.m.3 views

Improper Validation of Specified Quantity in Input

Overview Affected versions of this package are vulnerable to Improper Validation of Specified Quantity in Input in the decodeFromBytes function for MRT BGP4MPHeaders in mrt.go. A local attacker can cause unexpected behavior by sending malicious packets. Remediation Upgrade...

5.3CVSS6.7AI score0.00377EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2024/12/04 2:15 p.m.6 views

CVE-2024-7488

Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks. This issue affects Online Ordering System: 8.2.1. NOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1...

5.3CVSS5.8AI score0.00286EPSS
Exploits0References3Affected Software1
CNNVD
CNNVD
added 2024/09/07 12:0 a.m.5 views

Food Ordering Management System 安全漏洞

Food Ordering Management System is a food ordering management system by the individual developer Carlo Montero. It provides an online platform to order food from a restaurant or fast food chain. A security vulnerability exists in Food Ordering Management System version 1.0, which stems from the...

5.3CVSS4.9AI score0.00558EPSS
Exploits1References6
Positive Technologies
Positive Technologies
added 2024/09/07 12:0 a.m.4 views

PT-2024-39095 · Unknown · Sourcecodester Food Ordering Management System

Name of the Vulnerable Software and Affected Versions: SourceCodester Food Ordering Management System version 1.0 Description: A problematic vulnerability was found in the SourceCodester Food Ordering Management System. This issue affects the Price Handler component, specifically the file...

5.3CVSS4.9AI score0.00558EPSS
Exploits1References12
Positive Technologies
Positive Technologies
added 2024/05/17 12:0 a.m.5 views

PT-2024-23455 · WordPress · Wp Express Checkout

Name of the Vulnerable Software and Affected Versions: WP Express Checkout Accept PayPal Payments versions through 2.3.7 Description: The issue is related to improper validation of specified quantity in input, allowing manipulation of hidden fields. This can be exploited to manipulate the checkou...

7.5CVSS9.3AI score0.00521EPSS
Exploits0References3
OSV
OSV
added 2023/08/20 11:15 p.m.3 views

CVE-2023-4439

A vulnerability was found in SourceCodester Card Holder Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the component Minus Value Handler. The manipulation leads to improper validation of specified quantity in input. The attack may be...

5.3CVSS4.8AI score0.00403EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/02/15 12:0 a.m.4 views

PT-2022-13291 · Unknown · Microweber

Name of the Vulnerable Software and Affected Versions: microweber/microweber versions prior to 1.2.11 Description: The issue is related to improper validation of specified quantity in input, which can lead to business logic errors. This could allow an attacker to manipulate the total value and...

5.4CVSS4.7AI score0.0062EPSS
Exploits1References10
Rows per page
Query Builder