433 matches found
CVE-2022-0688 Business Logic Errors in microweber/microweber
Business Logic Errors in Packagist microweber/microweber prior to 1.2.11...
CVE-2022-0688
CVE-2022-0688 affects microweber/microweber prior to 1.2.11. The Red Hat OSV/GHSA entries and related records describe a business logic / insecure direct object reference issue in Microweber that can enable a malicious actor to manipulate cart contents (e.g., removing items) without proper authori...
GHSA-3P9J-442X-HJP7 Business Logic Errors in microweber
microweber prior to 1.2.11 allows multiple uses of a single-use coupon...
Business Logic Errors in microweber/microweber
Description The product is vulnerable to Business Logic error through negative product amount. Proof of Concept Step 1: Login to the application, Navigate to Shops - Products - Add Product Step 2: Fill in all the required details with Pricing parameter as -100 and click on save. Here an item is...
Publify Business Logic Errors
Publify formerly known as Typo prior to version 9.2.7 is vulnerable to business logic errors...
Business Logic Errors in Publify
Publify formerly known as Typo prior to version 9.2.7 is vulnerable to business logic errors...
CVE-2022-0524
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
Code injection
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
CVE-2022-0524 Business Logic Errors in publify/publify
Business Logic Errors in GitHub repository publify/publify prior to 9.2.7...
CVE-2022-0524
CVE-2022-0524 concerns business logic errors in Publify (Typo) prior to version 9.2.7. Multiple sources confirm the issue affects the Publify repository and Rubygems packaging, with remediation to update to 9.2.7 or later. The available documents describe the vulnerability class as business logic...
PT-2022-13238 · Rubygems +1
Name of the Vulnerable Software and Affected Versions: Publify versions prior to 9.2.7 Description: The issue concerns business logic errors in the Publify repository. This affects the Rubygems typo package as well. There is no information provided about the estimated number of potentially affect...
Business Logic Errors in SilverStripe Framework
SilverStripe Framework prior to version 4.10.1 is vulnerable to business logic errors...
Business Logic Errors in publify/publify
Description It was found that if a user tries to create an article, and wants to make that article private, the functionality is not working. Proof of Concept 1. Create an article 2. Click on publish and you will see the option to visibility to make it private, but functionality is not designed...
Business Logic Errors in dolibarr/dolibarr
Description Dolibarr is vulnerable to Business Logic Errors in the Weight, Length x Width x Height, Area, Volume fields of a Product since these values can be negative numbers. Proof of Concept 1. After login, in the top menu bar, click Products 2. In the left menu bar, click List to view the list ...
Business Logic Errors in crater-invoice/crater
Description It is found that company currency cannot be changed since the field is disabled as shown in the screenshot but it can be changed by tampering with the parameter. Proof of Concept Actual Request POST /api/v1/company/settings HTTP/1.1 Host: demo.craterapp.com User-Agent: Mozilla/5.0 Windows...
GHSA-54HW-MHGH-X4VC Business Logic Errors in pimcore
In pimcore versions prior to 10.2.9 discounts could be negative resulting in unintended behavior...
Business Logic Errors in pimcore
In pimcore versions prior to 10.2.9 discounts could be negative resulting in unintended behavior...