EUVD-2024-41426

Malicious code in bioql PyPI...

CVE-2024-45300

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

CVE-2024-45300

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

CVE-2024-45300

Vulnerability summary (CVE-2024-45300) : alf.io prior to version 2.0-M5 contains a race condition that lets an attacker bypass the promo-code usage limit and apply a discount coupon multiple times. The underlying issue is a timing gap between checking code usage and enforcing the limit, enabling ...

CVE-2024-45300 Bypassing promo code limitations with race conditions

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

CVE-2024-45300 Bypassing promo code limitations with race conditions

alf.io is an open source ticket reservation system for conferences, trade shows, workshops, and meetups. Prior to version 2.0-M5, a race condition allows the user to bypass the limit on the number of promo codes and use the discount coupon multiple times. In "alf.io", an event organizer can apply...

CVE-2023-3969

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

Cross site scripting

A vulnerability, which was classified as problematic, has been found in GZ Scripts Availability Booking Calendar PHP 1.0. Affected by this issue is some unknown functionality of the file index.php of the component HTTP POST Request Handler. The manipulation of the argument promocode leads to cros...

Availability Booking Calendar PHP 跨站脚本漏洞

Availability Booking Calendar PHP is GZ Scripts open source an availability booking calendar system . Availability Booking Calendar PHP v1.0 version of a cross-site scripting vulnerability , the vulnerability stems from the file index.php parameter promocode on the user-supplied data lack of...

PT-2023-27073 · Unknown · Gz Scripts Availability Booking Calendar Php

Name of the Vulnerable Software and Affected Versions: GZ Scripts Availability Booking Calendar PHP version 1.0 Description: A problematic issue has been found in the HTTP POST Request Handler component of the file index.php, where the manipulation of the promo code argument leads to cross site...

PRODSECBUG-1513: Insufficient brute force protections on promo code entry

More info at https://magento.com/security/patches/magento-2.3.2-2.2.9-and-2.1.18-security-update-33...

Uber promo code vulnerability allows hackers a free ride-vulnerability warning-the black bar safety net

! Do you want to by Uber taxi services to travel free? If you are the Uber taxi service loyal users,or you've ever used Uber to call a car service,then this article will definitely make you excited. Because there is a name from the Egypt independent security researcher in the Uber app found a...

New Relic: No Rate Limitation on Promo Code

Hello, there is no rate limitation on entering "promo code" while upgrading the subscription. an attacker can bruteforce the promo code and could get a lot of benefits with that. https://rpm.newrelic.com/accounts/XXXXXXX/products i have tested this bug by attempting 500+ invalid promo code. and g...

Windows website loophole allow anyone to get WIndows 8 in just $14.99

Windows 8 launched in 37 languages and 140 worldwide markets, as the tech giant unveiled the new version of its computer operating system. The OS is now available in over 30 certified devices, and a broad selection of local apps are already available in the onboard Windows Store. It is also...