5.3
CVE-2018-16157
- EPSS 0.2%
- Veröffentlicht 30.08.2018 13:29:00
- Zuletzt bearbeitet 21.11.2024 03:52:11
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Loginwaimai Super Cms 20150505 has a logic flaw allowing attackers to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=cart&a=save item_totals parameter to zero, the entire cart is sold for free.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Bijiadao ≫ Waimai Super Cms Version20150505
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.2% | 0.389 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5.3 | 3.9 | 1.4 |
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:N/I:P/A:N
|