AbdullahAlmutawa/CVE-2024-50944

An integer overflow in the cart logic of SimplCommerce allows remote attackers to manipulate product quantities and total prices via crafted inputs that exploit insufficient validation of the quantity parameter.

CVE History

CVSS v3: 9.8 CRITICAL

An integer overflow vulnerability exists in the shopping cart functionality of SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f. The issue lies in the quantity parameter in the CartController's AddToCart method.
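
One way to validate a cart quantity server-side so that it can neither wrap nor go out of range, shown as an added example that is not SimplCommerce's code. The class and method names and the limit of 1000 per cart line are assumptions made for illustration.

```csharp
using System;

// Added illustration, not SimplCommerce code: all names and limits are hypothetical.
public static class CartQuantityGuard
{
    public const int MaxQuantityPerLine = 1000; // assumed business limit

    // Returns the new quantity for a cart line, or throws if the request is out of range.
    public static int AddQuantity(int existing, int requested)
    {
        if (requested < 1 || requested > MaxQuantityPerLine)
            throw new ArgumentOutOfRangeException(nameof(requested));
        // checked(): overflow raises OverflowException instead of wrapping silently.
        int updated = checked(existing + requested);
        if (updated > MaxQuantityPerLine)
            throw new ArgumentOutOfRangeException(nameof(requested), "cart line limit exceeded");
        return updated;
    }

    // decimal multiplication throws OverflowException rather than wrapping.
    public static decimal LineTotal(decimal unitPrice, int quantity)
    {
        if (unitPrice < 0m || quantity < 1)
            throw new ArgumentOutOfRangeException(nameof(quantity));
        return unitPrice * quantity;
    }

    public static void Main()
    {
        // Failure mode: default (unchecked) int arithmetic wraps to a negative value.
        int existing = int.MaxValue - 1, requested = 5; // constructed inputs
        Console.WriteLine(unchecked(existing + requested));

        // In-range request: accepted, and the line total is computed in decimal.
        Console.WriteLine(AddQuantity(2, 3));
        Console.WriteLine(LineTotal(19.99m, 5));

        foreach (var q in new[] { 0, -1, int.MaxValue }) // constructed out-of-range requests
        {
            try { AddQuantity(2, q); }
            catch (ArgumentOutOfRangeException) { Console.WriteLine($"rejected quantity {q}"); }
        }
    }
}
```

The range check runs before any arithmetic, so the `checked` addition is a second line of defence for values already stored on the cart line.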