CVE-2024-2267 | keerti1924 Online-Book-Store-Website 1.0 /shop.php product_price logic error

Inserito da Angelo Barbosa | Mar 7, 2024 | CVE

A vulnerability was found in keerti1924 Online-Book-Store-Website 1.0 and classified as problematic. This issue affects some unknown processing of the file /shop.php. The manipulation of the argument product_price leads to business logic errors.

The identification of this vulnerability is CVE-2024-2267. The attack may be initiated remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.

CVE-2024-2267 | keerti1924 Online-Book-Store-Website 1.0 /shop.php product_price logic error

Post correlati

CVE-2024-40531 | Pantera CMS 401.152/402.072 User Profile Management Privilege Escalation

CVE-2024-10477 | LinZhaoguan pb-cms up to 2.0.1 Permission Management Page /admin#permissions cross site scripting (IAYIB9)

CVE-2024-1603 | paddlepaddle paddle.vision.ops.read_file file inclusion

CVE-2024-27018 | Linux Kernel up to 6.9-rc4 br_netfilter br_netfilter_hooks.c Remote Code Execution