313 matches found
CVE-2024-50944
Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method...
CVE-2024-50944
Consolidated details show a concrete issue in SimplCommerce: an integer overflow in the shopping cart, specifically in the CartController.AddToCart method, triggered by crafted inputs to the quantity parameter. Affected: SimplCommerce with commit 230310c8d7a0408569b292c5a805c459d47a1d8f and versi...
PT-2024-17807 · Code Projects · Simple Admin Panel
Name of the Vulnerable Software and Affected Versions: code-projects Simple Admin Panel version 1.0. Description: A critical issue was found in the Simple Admin Panel, affecting an unknown function of the file addVariationController.php. The manipulation of the qty argument leads to SQL injection...
PT-2024-10179 · Phpoffice · Phpspreadsheet
Name of the Vulnerable Software and Affected Versions: PhpSpreadsheet versions prior to 3.7.0, 2.3.5, 2.1.6, and 1.29.7. Description: The issue is related to the lack of sanitization in the /vendor/phpoffice/phpspreadsheet/samples/Engineering/Convert-Online.php file, which can lead to a cross-site...
PT-2024-34465 · Unknown · Simplcommerce
Name of the Vulnerable Software and Affected Versions: SimplCommerce version at commit 230310c8d7a0408569b292c5a805c459d47a1d8f; SimplCommerce version 1.0.0. Description: An integer overflow vulnerability exists in the shopping cart functionality of SimplCommerce. The issue lies in the quantity...
PT-2024-17745 · Unknown · Codezips E-Commerce Site
Name of the Vulnerable Software and Affected Versions: Codezips E-Commerce Site version 1.0. Description: A critical issue was found in Codezips E-Commerce Site, affecting an unknown part of the file /admin/editorder.php. The manipulation of the argument dstatus/quantity/ddate leads to SQL...
CVE-2024-54227 WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability
Missing Authorization vulnerability in Dotstore Minimum and Maximum Quantity for WooCommerce min-and-max-quantity-for-woocommerce allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Minimum and Maximum Quantity for WooCommerce: from n/a through <= 2.0.0...
WordPress plugin Minimum and Maximum Quantity for WooCommerce security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. WordPress plugin is an application plugin. A security vulnerability exists in the...
WordPress Minimum and Maximum Quantity for WooCommerce plugin <= 2.0.0 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Minimum and Maximum Quantity for WooCommerce versions <= 2.0.0...
CVE-2024-7488
Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks. This issue affects Online Ordering System: 8.2.1. NOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1...
CVE-2024-50968
A business logic vulnerability exists in the Add to Cart function of itsourcecode Agri-Trading Online Shopping System 1.0, which allows remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the quantity value to -0, an attacker can exploit a flaw in the...
itsourcecode Agri-Trading Online Shopping System security vulnerability
itsourcecode Agri-Trading Online Shopping System is an open source online shopping system by itsourcecode. A security vulnerability exists in version 1.0 of itsourcecode Agri-Trading Online Shopping System. An attacker can exploit this vulnerability to manipulate the quant parameter when adding...
PT-2024-34477 · Itsourcecode · Itsourcecode Agri-Trading Online Shopping System
Name of the Vulnerable Software and Affected Versions: itsourcecode Agri-Trading Online Shopping System version 1.0. Description: A business logic issue exists in the Add to Cart function, allowing remote attackers to manipulate the quant parameter when adding a product to the cart. By setting the...
Mitsubishi Electric CNC Series (Update C)
1. EXECUTIVE SUMMARY. CVSS v3 5.9. ATTENTION: Exploitable remotely. Vendor: Mitsubishi Electric. Equipment: CNC Series. Vulnerability: Improper Validation of Specified Quantity in Input. 2. RISK EVALUATION. Successful exploitation of this vulnerability could allow an unauthenticated remote...
CVE-2024-9384
The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attacker...
CVE-2024-9384 Quantity Dynamic Pricing & Bulk Discounts for WooCommerce <= 3.8.0 - Reflected Cross-Site Scripting
The Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 3.8.0. This makes it possible for unauthenticated attacker...
WordPress Quantity Dynamic Pricing & Bulk Discounts for WooCommerce plugin <= 3.8.0 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Colin Xu in WordPress Plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce versions <= 3.8.0...
WordPress plugin Quantity Dynamic Pricing & Bulk Discounts for WooCommerce cross-site scripting vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...
PT-2024-13293 · Shopkit · Shopkit
Name of the Vulnerable Software and Affected Versions: Shopkit version 1.0. Description: A Business Logic issue allows an attacker to add products with negative quantities to the shopping cart via the qtd parameter in the add-to-cart function. Recommendations: For Shopkit version 1.0, as a tempora...