CVE-2024-50944

critical

Description

Integer overflow vulnerability exists in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f in the shopping cart functionality. The issue lies in the quantity parameter in the CartController's AddToCart method.

References

https://www.simplcommerce.com/

https://github.com/simplcommerce/SimplCommerce/issues/1110

https://github.com/simplcommerce/SimplCommerce

https://github.com/AbdullahAlmutawa/CVE-2024-50944

Details

Source: Mitre, NVD

Published: 2024-12-27

Updated: 2026-04-15

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

CVSS v3

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Severity: Critical

EPSS

EPSS: 0.04836