VULHUB ™

Cart32 does not sufficiently validate information provided in hidden form fields. As a result, an attacker may submit a custom form containing arbitrary values for hidden form fields. This may be used to manipulate prices for items purchased through the Cart32 shopping system. It may also be possible to manipulate other types of data contained in hidden form fields.

Cart32 does not sufficiently validate information provided in hidden form fields. As a result, an attacker may submit a custom form containing arbitrary values for hidden form fields. This may be used to manipulate prices for items purchased through the Cart32 shopping system. It may also be possible to manipulate other types of data contained in hidden form fields.