CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-26631

Improper input validation vulnerability in Mangboard commerce package could lead to occur for abnormal request. A remote attacker can exploit this vulnerability to manipulate the total order amount into a negative number and then pay for the order.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 26.0%

CVSS Severity

CVSS v3 Score 8.0

CVSS v2 Score 5.0

References

https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66724
https://www.krcert.or.kr/krcert/secNoticeView.do?bulletin_writing_sequence=66724

Products affected by CVE-2021-26631

Mangboard » Commerce » Version: N/A

cpe:2.3:a:mangboard:commerce:-
Mangboard » Commerce » Version: 1.3.8

cpe:2.3:a:mangboard:commerce:1.3.8

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-26631

Products

Pricing

Contact Us