Waimai Super Cms Project - Waimai Super Cms CVE

Filtered by vendor Waimai Super Cms Project Subscribe

Filtered by product Waimai Super Cms

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-21503	1 Waimai Super Cms Project	1 Waimai Super Cms	2021-10-14	5.0 MEDIUM	7.5 HIGH
waimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.

Vulnerabilities (CVE)