# kirilkirkov Ecommerce-CodeIgniter-Bootstrap master Deserialization

## Description
Ecommerce-CodeIgniter-Bootstrap contains an unsafe deserialization vulnerability in its shopping cart cookie handling. The application reads the attacker-controlled `shopping_cart` cookie and passes it directly to PHP `unserialize()` with no `allowed_classes` restriction, no check on the type of the decoded value, and no validation of the array structure the cart code expects.
An unauthenticated attacker can set a crafted serialized value in the cookie that breaks the shopping cart flow and causes an application-level denial of service. In the verified environment the crafted cookie produced an HTTP 500 response with verbose error output that disclosed internal file paths and implementation details.
## Technical Details
- Affected component: `application/libraries/ShoppingCart.php`
- Vulnerable function: `getCartItems()`
- Vulnerable sink: `unserialize(get_cookie('shopping_cart'))`
- Trigger path: `/index.php/shopping-cart`
- Weakness: `CWE-502` (Deserialization of Untrusted Data)
- CVSS v3.1: `CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H` (base score 8.2)
- Severity: `High`
- Published: `2026-05-20`
- Patched version / fix commit: `49b20f53de2b7ec34e920b11c863f1491d911a04`
- GitHub Security Advisory: https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/security/advisories/GHSA-9g5q-g6m3-v5cr
- Vendor fix: https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/commit/49b20f53de2b7ec34e920b11c863f1491d911a04
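The following is an added illustration of the sink described above and of one way to replace it; it is not code from the Ecommerce-CodeIgniter-Bootstrap project or from its fix commit. It assumes the cart is an array of `rowid => ['id' => int, 'qty' => int]`, that `CART_HMAC_KEY` stands in for a secret loaded from configuration, and that `get_cookie()` is a stand-in for the CodeIgniter cookie helper; the md5-style `rowid` format is likewise an assumption.

```php
<?php
declare(strict_types=1);

// Added illustration, not the project's code. Assumptions: cart layout
// rowid => ['id' => int, 'qty' => int]; CART_HMAC_KEY stands in for a
// secret from config; get_cookie() stands in for the CodeIgniter helper.

const CART_COOKIE   = 'shopping_cart';
const CART_HMAC_KEY = 'replace-with-a-random-32-byte-secret-from-config'; // assumption

function get_cookie(string $name): ?string          // stand-in for CI's helper
{
    return $_COOKIE[$name] ?? null;
}

// --- Vulnerable pattern (CWE-502), as described in the advisory ---------
// Any client can set the cookie. Values such as
//   O:8:"stdClass":0:{}          an object instead of the expected array
//   a:1:{i:0;s:3:"abc";}         an array of the wrong shape
//   not-serialized-at-all        unserialize() returns false (plus a notice)
// come back from unserialize() and are then used as the cart, so the page
// fails with a 500 and, with display_errors on, leaks paths in the trace.
function getCartItemsVulnerable(): array
{
    return unserialize(get_cookie(CART_COOKIE) ?? '');  // TypeError unless an array
}

// --- Hardened replacement ------------------------------------------------
// 1. JSON instead of PHP serialization: nothing is instantiated, so there is
//    no __wakeup()/__destruct() surface and no allowed_classes to get wrong.
// 2. The cookie carries an HMAC; forged or corrupted values are discarded
//    before parsing, compared in constant time.
// 3. Every field is validated against the expected shape; anything else
//    yields an empty cart rather than an error page.
function encodeCartCookie(array $items): string
{
    $payload = json_encode($items, JSON_THROW_ON_ERROR);
    return base64_encode($payload) . '.' . hash_hmac('sha256', $payload, CART_HMAC_KEY);
}

function decodeCartCookie(?string $raw): array
{
    if ($raw === null || substr_count($raw, '.') !== 1) {
        return [];
    }
    [$b64, $mac] = explode('.', $raw, 2);
    $payload = base64_decode($b64, true);
    if ($payload === false || !hash_equals(hash_hmac('sha256', $payload, CART_HMAC_KEY), $mac)) {
        return [];                                   // tampered: empty cart, no 500
    }
    try {
        $data = json_decode($payload, true, 4, JSON_THROW_ON_ERROR);
    } catch (JsonException $e) {
        return [];
    }
    if (!is_array($data)) {
        return [];
    }
    $items = [];
    foreach ($data as $rowid => $row) {
        // rowid format is an assumption (CodeIgniter's Cart uses md5 hashes)
        if (!is_string($rowid) || !preg_match('/^[a-f0-9]{32}$/', $rowid) || !is_array($row)) {
            continue;
        }
        $id  = $row['id']  ?? null;
        $qty = $row['qty'] ?? null;
        if (!is_int($id) || !is_int($qty) || $id <= 0 || $qty <= 0 || $qty > 999) {
            continue;
        }
        // Only identifiers and quantities travel in the cookie; prices are
        // looked up server-side so the client cannot tamper with them.
        $items[$rowid] = ['id' => $id, 'qty' => $qty];
    }
    return $items;
}

function getCartItems(): array
{
    return decodeCartCookie(get_cookie(CART_COOKIE));
}

// Stand-alone check with constructed inputs: a signed cookie round-trips,
// crafted or unsigned ones yield an empty cart instead of an error page.
$cart = [str_repeat('ab', 16) => ['id' => 7, 'qty' => 2]];
$ok   = decodeCartCookie(encodeCartCookie($cart)) === $cart;
$ok   = $ok && decodeCartCookie('O:8:"stdClass":0:{}') === [];
$ok   = $ok && decodeCartCookie(base64_encode('[1,2,3]') . '.' . str_repeat('0', 64)) === [];
echo $ok ? "hardened decoder OK\n" : "hardened decoder FAILED\n";
```

If the serialized format cannot be changed, the minimal hardening of the sink itself is `unserialize($raw, ['allowed_classes' => false])` followed by an `is_array()` check before the value is used; that closes object instantiation and the type confusion, but it still leaves the cookie contents unauthenticated, which is why the example above signs them.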
| Field | Value |
|---|---|
| Source | ⚠️ https://github.com/kirilkirkov/Ecommerce-CodeIgniter-Bootstrap/security/advisories/GHSA-9g5q-g6m3-v5cr |
| User | Anonymous User |
| Submission | 2026-06-02 10:14 (1 month ago) |
| Moderation | 2026-07-03 19:25 (1 month later) |
| Status | Accepted |
| VulDB entry | 376152 [kirilkirkov Ecommerce-CodeIgniter-Bootstrap up to 13fd582aaf49aeab7438acc0fc3eb973a1f5e6a7 ShoppingCart.php getCartItems shopping_cart privilege escalation] |
| Points | 20 |