CVE-2026-15502
Affected software: AojiaoZero Antaris 1.0.** Component/affected function:** PayPal IPN Payment Handler, file /ipn.php, function _rewardPurchase.** Vulnerability:** SQL injection triggered by manipulating the argument item_number.** Attack surface/impact:** remote exploitation possible; CVSS vecto...