A week in security (January 20 – January 26)

Last week on Malwarebytes Labs: Your location or browsing habits could lead to price increases when buying online AI tool GeoSpy analyzes images and identifies locations in seconds 7-Zip bug could allow a bypass of a Windows security feature. Update now Warning: Don’t sell or buy a second hand...

Business Logic Errors in dolibarr/dolibarr

Description The application does not check the input of price number lead to Business Logic error through negative price amount. Proof of Concept 1. Go to Product and Services area htdocs/product/index.php 2. Create a new or edit an item, insert a negative amount into Selling price field. Also in...

more problems with that POS dansie cart software!

if installing a backdoor in the cart software wasn't bad enough.. the whole implimentation of pricing and adding items to cart is crap.. example form to add items to your cart kindly provided on the publishers site using the demo cart they set up for us: snip FORM METHOD=POST...