CVE-2024-6128 | spa-cartcms 1.9.0.6 Checkout Page /checkout quantity behavioral workflow

Posted by Angelo Barbosa | Jun 18, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in spa-cartcms 1.9.0.6. This issue affects some unknown processing of the file /checkout of the component Checkout Page. The manipulation of the argument quantity with the input -10 leads to enforcement of behavioral workflow.

The identification of this vulnerability is CVE-2024-6128. The attack may be initiated remotely. Furthermore, there is an exploit available.

CVE-2024-6128 | spa-cartcms 1.9.0.6 Checkout Page /checkout quantity behavioral workflow

Related Posts

CVE-2024-42818 | fastapi-admin pro 0.1.4 Product Name cross site scripting

CVE-2024-22877 | StrangeBee TheHive up to 5.2.8 HTML Report cross site scripting (SB-SEC-ADV-2023-001)

CVE-2023-6851 | kalcaddle KodExplorer up to 4.51.03 ZIP Archive plugins/zipView/app.php unzipList code injection

CVE-2023-42949 | Apple macOS Temporary Directory access control