CVE-2024-50944

CVSS 3.1 Score 9.8 of 10 (high)

Details

Published Dec 27, 2024

Updated: Dec 28, 2024

CWE ID 190

Summary

CVE-2024-50944 is an integer overflow vulnerability discovered in SimplCommerce's shopping cart functionality. This issue is located in the CartController's AddToCart method, specifically in commit 230310c8d7a0408569b292c5a805c459d47a1d8f. The quantity parameter is affected, potentially allowing attackers to manipulate the function and cause unintended behavior or system crashes. This vulnerability could lead to serious consequences, including data corruption or unauthorized access. It is recommended that users of SimplCommerce update to the latest version or patch to mitigate this risk.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

https://app.recordedfuture.com/live/sc/entity/z7TLjP
https://www.cve.org/CVERecord?id=CVE-2024-50944
https://nvd.nist.gov/vuln/detail/CVE-2024-50944

Back to Vulnerability Database

CVE-2024-50944

CVSS 3.1 Score 9.8 of 10 (high)

Details

Summary

Advisories, Assessments, and Mitigations