| タイトル | Alphaware - Simple E-Commerce System has payment vulnerability |
|---|
| 説明 | BUG_Author: Murasaki
Link:https://www.sourcecodester.com/php/11676/alphaware-simple-e-commerce-system.html
Vulnerability File: /alphaware/summary.php
Modifying the amount parameter in the URL when paying for an order will change the price of the entire order.
The buyer can place an order at the modified price, affecting the whole transaction process and forming a payment logic vulnerability.
See github's documentation for details. |
|---|
| ソース | ⚠️ https://github.com/1MurasaKi/PaymentVul_report/blob/main/razormist/Alphaware%20-%20Simple%20E-Commerce%20System/payment_vulnerability.md |
|---|
| ユーザー | Murasaki (UID 41555) |
|---|
| 送信 | 2023年02月22日 06:26 (3 年 ago) |
|---|
| モデレーション | 2023年02月24日 08:31 (2 days later) |
|---|
| ステータス | 承諾済み |
|---|
| VulDBエントリ | 221733 [SourceCodester Alphaware Simple E-Commerce System 1.0 Payment /alphaware/summary.php 額 特権昇格] |
|---|
| ポイント | 20 |
|---|