3 matches found
CVE-2025-56426
An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart/Checkout API endpoint, specifically, the price calculation logic fails to validate quantity inputs properly...
PT-2025-41401
Name of the Vulnerable Software and Affected Versions WebKul Bagisto version 2.3.6 Description A flaw exists that enables remote code execution through the Cart/Checkout API endpoint. The price calculation logic does not properly validate the quantity of items, allowing for potential code...
CVE-2025-56426
Summary: CVE-2025-56426 affects WebKul Bagisto v2.3.6. The issue resides in the Cart/Checkout API’s price calculation logic, where quantity inputs are not properly validated, enabling remote code execution. All sources consistently describe a vulnerability that could be exploited via the Cart/Che...