2 matches found
EUVD-2026-11766
The Formidable Forms plugin for WordPress is vulnerable to an authorization bypass through user-controlled key in all versions up to, and including, 6.28. This is due to the frmstrpamount AJAX handler updateintentajax overwriting the global $POST data with attacker-controlled JSON input and then...
BBCBuilder e-commerce system has design flaws
BBCbuilder is a new model of b2b2c e-commerce system built by Yuanfeng Company. BBCBuilder e-commerce system has a logical design vulnerability. An attacker can modify the number of products purchased after logging in and then modify the payment amount by grabbing packets...