waimai Super Cms 20150505 has a logic flaw allowing malicious users to modify a price, before form submission, by observing data in a packet capture. By setting the index.php?m=gift&a=addsave credit parameter to -1, the product is sold for free.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
waimai super cms project waimai super cms 20150505 |