A loop hole in the payment logic of Sparkshop v1.16 allows attackers to arbitrarily modify the number of products.
References
Link | Resource |
---|---|
http://sparkshop.com | Not Applicable |
https://gitee.com/sparkshop/sparkshop | Product |
https://github.com/Yllxx03/CVE/tree/main/CVE-2024-46307 | Exploit Third Party Advisory |
Configurations
History
15 Oct 2024, 14:57
Type | Values Removed | Values Added |
---|---|---|
References | () http://sparkshop.com - Not Applicable |
15 Oct 2024, 14:46
Type | Values Removed | Values Added |
---|---|---|
First Time |
Sparkshop sparkshop
Sparkshop |
|
CWE | NVD-CWE-noinfo | |
CPE | cpe:2.3:a:sparkshop:sparkshop:*:*:*:*:*:*:*:* | |
References | () http://sparkshop.com - Product | |
References | () https://gitee.com/sparkshop/sparkshop - Product | |
References | () https://github.com/Yllxx03/CVE/tree/main/CVE-2024-46307 - Exploit, Third Party Advisory |
11 Oct 2024, 21:36
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 7.5 |
CWE | CWE-841 |
10 Oct 2024, 12:51
Type | Values Removed | Values Added |
---|---|---|
Summary |
|
09 Oct 2024, 17:15
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2024-10-09 17:15
Updated : 2024-10-15 14:57
NVD link : CVE-2024-46307
Mitre link : CVE-2024-46307
CVE.ORG link : CVE-2024-46307
JSON object : View
Products Affected
sparkshop
- sparkshop
CWE