3 matches found
Akaunting 3.1.8 - Server-Side Template Injection (SSTI) Vulnerability
Exploit Title: Akaunting 3.1.8 - Server-Side Template Injection SSTI Exploit Author: tmrswrr Vendor: https://akaunting.com/forum Software Link: https://akaunting.com/apps/crm Vulnerable Versions: 3.1.8 Tested : https://www.softaculous.com/apps/erp/Akaunting 1 Login with admin cred and go to : Ite...
Potential Near-Zero Scenarios for purchasePrice in the Continuous Gradual Dutch Auction
Lines of code Vulnerability details Impact The Continuous Gradual Dutch Auction CGDA model has potential scenarios where the purchasePrice for an amount of tokens could approach near-zero values. This is influenced mainly by two factors: emissionRate and timeSinceLastAuctionStart. If either one o...
CVE-2019-18668
An issue was discovered in the Currency Switcher addon before 2.11.2 for WooCommerce if a user provides a currency that was not added by the administrator. In this case, even though the currency does not exist, it will be selected, but a price amount will fall back to the default currency. This...