4 matches found
Lilishop 安全漏洞
Lilishop is a mall system from Lilishop Open Source. A security vulnerability exists in Lilishop version 4.2.4 and prior versions, which stems from an access control error. An attacker exploiting this vulnerability could capture and send coupon collection packets to obtain coupons that exceed the...
CVE-2022-0689
Use multiple time the one-time coupon in Packagist microweber/microweber prior to 1.2.11...
Use multiple time the one-time coupon
Description I create a coupon only for one user and a one-time use coupon. Then create two users, and both of them can use the coupon, but only one of them should be able to use the coupon. Proof of Concept first, create a one-time and one-user coupon code that, e.g. is aaaaa. the attacker has tw...
Ltd. Ebuycms has a flaw in the logic of unification vulnerability
Ebuycms is an e-commerce mall platform system developed for a wide range of small and medium-sized enterprises. Ltd. Ebuycms has a statistical logic flaw vulnerability that can be exploited by attackers to repeatedly obtain coupons...