Description

A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders.

INFO

Published Date :

2024-12-27T00:00:00.000Z

Last Modified :

2024-12-28T18:22:23.419Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-53476 vulnerability.

Vendors Products
Simplcommerce
  • Simplcommerce
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-53476.

URL Resource
https://github.com/AbdullahAlmutawa/CVE-2024-53476 cve-icon cve-icon
https://github.com/simplcommerce/SimplCommerce cve-icon cve-icon
https://github.com/simplcommerce/SimplCommerce/issues/1111 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact