Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Input Validation of Clearance sale in cart
Vulnerability Description
Shopware is an open source commerce platform based on Symfony Framework and Vue js. In affected versions It was possible to put the same line item multiple times in the cart using the AP. The Cart Validators checked the line item's individuality and the user was able to bypass quantity limits in sales. This problem has been fixed with version 6.4.18.1. Users on major versions 6.1, 6.2, and 6.3 may also obtain this fix via a plugin.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Shopware 输入验证错误漏洞
Vulnerability Description
Shopware是德国Shopware公司的一套开源电子商务软件。 Shopware 存在输入验证错误漏洞,该漏洞源于可以使用 AP 将同一行项目多次放入购物车。使得用户能够绕过销售数量限制。
CVSS Information
N/A
Vulnerability Type
N/A