Category Archives: Advisories

Business Logic Flaw and Username Enumeration in spa-cartcmsv1.9.0.6

Read Time:23 Second

Posted by Andrey Stoykov on Jun 15

# Exploit Title: Business Logic Flaw and Username Enumeration in
spa-cartcmsv1.9.0.6
# Date: 6/2024
# Exploit Author: Andrey Stoykov
# Version: 1.9.0.6
# Tested on: Ubuntu 22.04
# Blog:
https://msecureltd.blogspot.com/2024/04/friday-fun-pentest-series-5-spa.html
<http://msecureltd.blogspot.com/>

Description

– It was found that the application suffers from business logic flaw

– Additionally the application is vulnerable to username…

Read More