Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

4 matches found

Vulnrichment
Vulnrichmentadded 2024/03/27 6:53 p.m.15 views

CVE-2024-29888 Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method

Saleor is an e-commerce platform that serves high-volume companies. When using Pickup: Local stock only click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue...

4.2CVSS6.8AI score0.00537EPSS
Exploits0References11
CVE
CVEadded 2024/03/27 6:53 p.m.50 views

CVE-2024-29888

Summary: CVE-2024-29888 affects Saleor (e-commerce platform). When using the delivery option “Pickup: Local stock only” under certain conditions, a customer could overwrite the warehouse address with their own, exposing the warehouse/pickup address as the click‑and‑collect address. This vulnerabi...

5.4CVSS4.3AI score0.00537EPSS
Exploits0References11Affected Software1
Cvelist
Cvelistadded 2024/03/27 6:53 p.m.33 views

CVE-2024-29888 Saleor vulnerable to customers addresses leak when using Warehouse as a `Pickup: Local stock only` delivery method

Saleor is an e-commerce platform that serves high-volume companies. When using Pickup: Local stock only click-and-collect as a delivery method in specific conditions the customer could overwrite the warehouse address with its own, which exposes its address as click-and-collect address. This issue...

4.2CVSS4.7AI score0.00537EPSS
Exploits0References11
Positive Technologies
Positive Technologiesadded 2024/03/27 12:0 a.m.3 views

PT-2024-23111

Name of the Vulnerable Software and Affected Versions Saleor versions prior to 3.14.61 Saleor versions prior to 3.15.37 Saleor versions prior to 3.16.34 Saleor versions prior to 3.17.32 Saleor versions prior to 3.18.28 Saleor versions prior to 3.19.15 Description The issue occurs when using Picku...

5.4CVSS6.5AI score0.00537EPSS
Exploits0References26
Rows per page
Query Builder