CVE-2014-4962
Shopizer 1.1.5 and earlier are affected. A vulnerability in the productQuantity parameter allows remote attackers to reduce the cart total by supplying a negative quantity, causing the item price to be subtracted from the total cost. Root cause identified as input validation flaw on productQuanti...