Search Results (1 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2026-15502 1 Aojiaozero 1 Antaris 2026-07-12 6.3 Medium
A vulnerability was detected in AojiaoZero Antaris 1.0. This affects the function _rewardPurchase of the file /ipn.php of the component PayPal IPN Payment Handler. The manipulation of the argument item_number results in sql injection. The attack may be performed from remote. The vendor was contacted early about this disclosure but did not respond in any way.