5 matches found
CVE-2019-7865
A cross-site request forgery CSRF vulnerability exists in the checkout cart item of Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This could be exploited at the time of editing or configuration...
EUVD-2022-5604
Malicious code in bioql PyPI...
CVE-2023-22730 Improper Input Validation of Clearance sale in cart
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in...
GHSA-3J6M-M5V5-9785 OpenCart Cross-Site Request Forgery (CSRF)
Cross Site Request Forgery CSRF in CART option in OpenCart Ltd. Opencart CMS 3.0.3.6 allows attacker to add cart items via Add to cart...
Business Logic Errors in microweber
Microweber prior to 1.2.11 can suffer from insecure direct object references. A malicious actor can remove items from a victim's cart...