14 matches found
CVE-2026-1599
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-1599
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-1599 Bdtask Bhojon All-In-One Restaurant Management System Checkout placeorder logic error
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
EUVD-2026-4961
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
CVE-2026-1599 Bdtask Bhojon All-In-One Restaurant Management System Checkout placeorder logic error
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/servicecharge/grandtotal can lea...
PT-2026-5315
A vulnerability was determined in Bdtask Bhojon All-In-One Restaurant Management System up to 20260116. The affected element is an unknown function of the file /hungry/placeorder of the component Checkout. Executing a manipulation of the argument orggrandTotal/vat/service charge/grandtotal can le...
Bdtask Bhojon All-In-One Restaurant Management System has security vulnerabilities.
Bdtask Bhojon All-In-One Restaurant Management System is a restaurant management system developed by the Bangladeshi company Bdtask. Versions of the Bdtask Bhojon All-In-One Restaurant Management System prior to version 20260116 contained security vulnerabilities. These vulnerabilities were cause...
GHSA-3F97-7PGV-GMGR Magento affected by a business logic error in the placeOrder graphql mutation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...
Magento affected by a business logic error in the placeOrder graphql mutation
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...
CVE-2021-36012
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...
CVE-2021-36012
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...
Code injection
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...
CVE-2021-36012
CVE-2021-36012 describes a business-logic flaw in Magento Commerce’s placeOrder GraphQL mutation where an authenticated attacker can alter the price of an item, affecting Magento Commerce versions 2.4.2 (and earlier), 2.4.2-p1 (and earlier), and 2.3.7 (and earlier). The vulnerability stems from a...
CVE-2021-36012 Magento Commerce Gift Card Business Logic Error
Magento Commerce versions 2.4.2 and earlier, 2.4.2-p1 and earlier and 2.3.7 and earlier are affected by a business logic error in the placeOrder graphql mutation. An authenticated attacker can leverage this vulnerability to altar the price of an item...