CVE-2025-30073

High CVSS: 7.5

An issue was discovered in OPC cardsystems Webapp Aufwertung 2.1.0. The reference assigned to transactions can be reused. When completing a payment, the first or all transactions with the same reference are completed, depending on timing. This can be used to transfer more money onto employee cards than is paid.

Vendor

Product

CWE

CWE-488

Yayın Tarihi

2025-03-26 20:15:22

Güncelleme

2025-03-27 16:45:27

Source Identifier

cve@mitre.org

KEV Date Added

Kategoriler

CWE-488 HIGH 2025

Referanslar

https://www.syss.de/pentest-blog/businesslogik-fehler-bei-aufwertung-von-geldkarten-in-opcr-webapp-aufwertung-syss-2024-089