CVE-2024-7067 – kirilkirkov Ecommerce-Laravel-Bootstrap Cart.php getCartProductsIds deserialization

https://notcve.org/view.php?id=CVE-2024-7067

24 Jul 2024 — A vulnerability was found in kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87. It has been rated as critical. Affected by this issue is the function getCartProductsIds of the file app/Cart.php. The manipulation of the argument laraCart leads to deserialization. The attack may be launched remotely. • https://github.com/kirilkirkov/Ecommerce-Laravel-Bootstrap/commit/a02111a674ab49f65018b31da3011b1e396f59b1 • CWE-502: Deserialization of Untrusted Data •