Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
TomatoCart 1.1.7, when the PayPal Express Checkout module is enabled in sandbox mode, allows remote authenticated users to bypass intended payment requirements by modifying a certain redirection URL.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
TomatoCart PayPal Express Checkout 模块权限许可和访问控制
Vulnerability Description
Tomato Cart是一套使用PHP开发的开源电子商务软件。该软件包含产品分类、产品评论、文章发布等模块。 TomatoCart 1.1.7版本中存在漏洞。当PayPal Express Checkout模块在沙箱模式下启用时,通过修改某重定向URL,远程认证攻击者可利用该漏洞绕过既定的付款要求。
CVSS Information
N/A
Vulnerability Type
N/A