d2c-cai / shop-mall Goto Github PK

Recently, our team found an arbitrary order payment vulnerability in the latest version of the project. The vulnerability logic is present in the file:
https://github.com/D2C-Cai/shop-mall/blob/master/shop-api/shop-api-customer/src/main/java/com/d2c/shop/customer/api/OrderController.java#L315

Unauthorized access to the /c_api/order/pay API enables attackers to manipulate the param id and change the payment status of any order.
To address this vulnerability, we strongly recommend that developers implement access control policies to ensure that only privileged users or the order owner are authorized to perform the operation.

Recently, our team found an arbitrary order detail access vulnerability in the latest version of the project (different with #7). The vulnerability logic is present in the file:
https://github.com/D2C-Cai/shop-mall/blob/master/shop-api/shop-api-customer/src/main/java/com/d2c/shop/customer/api/OrderController.java#L425

Access to the /c_api/order/{id} API is unauthorized, allowing attackers to manipulate the path variable id and access other users' order details, potentially compromising user privacy data.

To address this vulnerability, we strongly recommend that developers implement access control policies to ensure that only privileged users or the owner can access the order information.

Recently, our team found an arbitrary order item detail access vulnerability in the latest version of the project. The vulnerability logic is present in the file:
https://github.com/D2C-Cai/shop-mall/blob/master/shop-api/shop-api-business/src/main/java/com/d2c/shop/business/api/OrderItemController.java#L53

Access to the /b_api/order_item/{id} API is unauthorized, allowing attackers to manipulate the path variable id and access other users' order item details, potentially compromising user privacy data.

To address this vulnerability, we strongly recommend that developers implement access control policies to ensure that only privileged users or the owner can access the order information.

Recently, our team found an arbitrary order item detail access vulnerability (different with #10) in the latest version of the project. The vulnerability logic is present in the file:
https://github.com/D2C-Cai/shop-mall/blob/master/shop-api/shop-api-customer/src/main/java/com/d2c/shop/customer/api/OrderItemController.java#L70

Access to the /c_api/order_item/{id} API is unauthorized, allowing attackers to manipulate the path variable id and access other users' order item details, potentially compromising user privacy data.

To address this vulnerability, we strongly recommend that developers implement access control policies to ensure that only privileged users or the owner can access the order information.

Recently, our team found an arbitrary order detail access vulnerability in the latest version of the project. The vulnerability logic is present in the file:
https://github.com/D2C-Cai/shop-mall/blob/master/shop-api/shop-api-business/src/main/java/com/d2c/shop/business/api/OrderController.java#L73

Access to the /b_api/order/{id} API is unauthorized, allowing attackers to manipulate the path variable id and access other users' order details, potentially compromising user privacy data.

To address this vulnerability, we strongly recommend that developers implement access control policies to ensure that only privileged users or the owner can access the order information.