| عنوان | Alphaware - Simple E-Commerce System has payment vulnerability |
|---|
| الوصف | BUG_Author: Murasaki
Link:https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html
Vulnerability File: /alphaware/summary.php
Modifying the amount parameter in the URL when paying for an order will change the price of the entire order.
The buyer can place an order at the modified price, affecting the whole transaction process and forming a payment logic vulnerability.
See github's documentation for details. |
|---|
| المصدر | ⚠️ https://github.com/1MurasaKi/PaymentVul_report/blob/main/razormist/Alphaware%20-%20Simple%20E-Commerce%20System/payment_vulnerability.md |
|---|
| المستخدم | Murasaki (UID 41555) |
|---|
| ارسال | 22/02/2023 06:26 AM (3 سنوات منذ) |
|---|
| الاعتدال | 24/02/2023 08:31 AM (2 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 221733 [SourceCodester Alphaware Simple E-Commerce System 1.0 Payment /alphaware/summary.php مقدار تجاوز الصلاحيات] |
|---|
| النقاط | 20 |
|---|