| tiêu đề | SourceCodester (razormist) Customer Review App Using Tkinter in Python 1.0 other |
|---|
| Mô tả | A vulnerability was found in SourceCodester Customer Review App
Using Tkinter in Python 1.0. The affected functions add_review()
and save_review() in review_app.py do not perform any input
validation on the name and comment parameters before writing them
to the local file reviews.json. Manipulation of these arguments
with excessively large input allows a local attacker to cause
unbounded disk usage (Denial of Service). Additionally, a bare
except clause in get_all_reviews() silently suppresses all file
read errors, causing silent data loss with no user notification. |
|---|
| Nguồn | ⚠️ https://pastebin.com/Ud5vaGp6 |
|---|
| Người dùng | ameenkbrd (UID 98192) |
|---|
| Đệ trình | 12/05/2026 10:02 (cách đây 25 ngày) |
|---|
| Kiểm duyệt | 31/05/2026 19:58 (19 days later) |
|---|
| Trạng thái | được chấp nhận |
|---|
| Mục VulDB | 367588 [SourceCodester Customer Review App 1.0 review_app.py add_review/save_review/get_all_reviews name/comment Từ chối dịch vụ] |
|---|
| điểm | 17 |
|---|