CVE-2024-50944

Published Dec 27, 2024

Last updated 2 months ago

CVSS critical 9.8

Overview

Description
Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method.
Source
cve@mitre.org
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.8
Impact score
5.9
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity
CRITICAL

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-190

Social media

Hype score
Not currently trending

  1. eWPTXv2 latest CVE's CVE-2024-50944: Integer overflow in shopping cart functionality leads to price manipulation. CVE-2024-53476: bypassing inventory controls. CVE-2024-50945: Lack of purchase verification for product reviews. All of this seems good cases for Web Hacking 🧛

    @byt3n33dl3

    5 Jan 2025

    23 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. الحَمد لله, حصلت على 3x CVEs وشهادة eWPTX. CVE-2024-50944: Integer overflow in shopping cart functionality leads to price manipulation CVE-2024-53476: Race condition allowing bypass of inventory controls CVE-2024-50945: Lack of purchase verification for product reviews https://t

    @_D3CAFF

    3 Jan 2025

    1601 Impressions

    3 Retweets

    26 Likes

    8 Bookmarks

    5 Replies

    0 Quotes

  3. الحَمد لله, حصلت على 3x CVEs وشهادة eWPTX. CVE-2024-50944: Integer overflow in shopping cart functionality leads to price manipulation. CVE-2024-53476: Race condition allowing bypass of inventory controls. CVE-2024-50945: Lack of purchase verification for product reviews. https:

    @_D3CAFF

    3 Jan 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. الحَمد لله, حصلت على 3x CVEs وشهادة Web Application Penetration Tester eXtreme (eWPTX). CVE-2024-50944: Integer overflow in shopping cart functionality leads to price manipulation. CVE-2024-53476: Race condition allowing bypass of inventory controls. CVE-2024-50945: Lack of… http

    @_D3CAFF

    3 Jan 2025

    3 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2024-50944 (CVSS:9.8, CRITICAL) is Awaiting Analysis. Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shoppin..https://t.co/n6NHyBqNc1 #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre

    @cracbot

    1 Jan 2025

    27 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. CVE-2024-50944 Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the qu… https://t.co/tLXCIR4p4f

    @CVEnew

    28 Dec 2024

    452 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References