CNNVD-202509-3623 Information

CNNVD ID

CNNVD-202509-3623

Related CVE

CVE-2025-10778

• CNNVD Published: 2025-09-22

Description (Chinese)

Smartstore是Smartstore AG开源的一个电子商务平台。。 Smartstore 6.2.0及之前版本存在竞争条件问题漏洞，该漏洞源于组件Gift Voucher Handler中文件/checkout/confirm存在竞争条件，可能导致远程攻击。

Description (English)

Smartstore is an open-source e-commerce platform for Smartstore AG. There is a loophole in the Smartstore 6.2.0 and previous versions of the competition conditions, which stem from the competitive conditions in the document/checkout/confirm in the Gift Voucher Handler component, which may lead to a remote attack.

Hazard Level

Critical

Vulnerability Type

竞争条件问题

Affected Vendor

SMTP

Published

2025-09-22

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.325134 https://vuldb.com/?id.325134 https://vuldb.com/?submit.640785