Цены Enterprise

CVE-2023-36235

6.5MEDIUM

An issue in webkul qloapps before v1.6.0 allows an attacker to obtain sensitive information via the id_order parameter.

Опубликовано: 1/17/2024Обновлено: 6/10/2025

Посмотреть на NVD Посмотреть на MITRE

Описание

An issue in webkul qloapps before v1.6.0 allows an attacker to obtain sensitive information via the id_order parameter.

ИИ-АнализНа базе ИИ

Затронутые продукты

webkulqloapps

Ссылки

https://github.com/Ek-Saini/security/blob/main/IDOR-Qloapps
Exploit
https://github.com/webkul/hotelcommerce/pull/537
Patch
https://qloapps.com/
Product
https://github.com/Ek-Saini/security/blob/main/IDOR-Qloapps
Exploit
https://github.com/webkul/hotelcommerce/pull/537
Patch
https://qloapps.com/
Product