433 matches found
GHSA-XP7P-3GX7-J6WX calibre-web is vulnerable to Business Logic Errors
calibre-web is vulnerable to Business Logic Errors...
calibre-web is vulnerable to Business Logic Errors
calibre-web is vulnerable to Business Logic Errors...
CVE-2021-4146
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...
Code injection
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...
CVE-2021-4146
CVE-2021-4146 relates to Business Logic Errors in pimcore/pimcore prior to version 10.2.6. Multiple connected advisories describe a flaw where discount logic can yield negative amounts, enabling unintended behavior in pricing (e.g., negative cart discounts). The issue stems from insufficient inpu...
CVE-2021-4146 Business Logic Errors in pimcore/pimcore
Business Logic Errors in GitHub repository pimcore/pimcore prior to 10.2.6...
CVE-2021-4171
calibre-web is vulnerable to Business Logic Errors...
Code injection
calibre-web is vulnerable to Business Logic Errors...
CVE-2021-4171
Calibre-web (web application) is affected by CVE-2021-4171 due to Business Logic Errors. The CVSS data indicates high to critical impact (C/H/I/A) with network access, no authentication, and no user interaction required. The vulnerability affects core logic of calibre-web (exact function/file not...
CVE-2021-4171 Business Logic Errors in janeczku/calibre-web
calibre-web is vulnerable to Business Logic Errors...
calibre-web Security Vulnerability
Calibre-Web is a web application for browsing, reading and downloading eBooks from the Calibre database. A security vulnerability exists in calibre-web that stems from the fact that calibre-web is prone to business logic errors...
PT-2022-11465 · Unknown · Calibre-Web
Name of the Vulnerable Software and Affected Versions: calibre-web affected versions not specified Description: The issue is related to Business Logic Errors. There is no information provided about the estimated number of potentially affected devices or real-world incidents where this issue was...
Business Logic Errors
dolibarr/dolibarr is vulnerable to business logic errors. An attacker can exploit this flaw by providing a negative price amount to the create function in don.class.php, as it does not properly check user input for negative price amounts...
Business Logic Errors in silverstripe/silverstripe-framework
Description: SilverStripe Framework is vulnerable to Business Logic Errors in the Failed login count since that value can be a negative number. Proof of Concept: 1. After login, go to Security page under the path /admin/security/ 2. Click on any member record 3. In the member edit form, enter a negati...
Dolibarr Input Validation Error Vulnerability
Dolibarr is a software application, a modern software package that helps manage your organization's activities. Dolibarr suffers from an input validation error vulnerability that stems from Dolibarr being prone to business logic errors...
PT-2022-13010 · Dolibarr · Dolibarr
Name of the Vulnerable Software and Affected Versions: dolibarr affected versions not specified Description: The issue concerns an improper validation of specified quantity in input, leading to business logic errors. This occurs because the application does not check the input of price numbers,...
Business Logic Errors in dolibarr/dolibarr
Description: The application does not check the input of the price number, which leads to a Business Logic error through a negative price amount. Proof of Concept: 1. Go to Product and Services area htdocs/product/index.php 2. Create a new or edit an item, insert a negative amount into Selling price field. Also in...