Search criteria
2 vulnerabilities found for Online Ordering System by RestApp Inc.
CVE-2024-7488 (GCVE-0-2024-7488)
Vulnerability from nvd – Published: 2024-12-04 14:03 – Updated: 2025-10-21 14:09
VLAI?
Title
Business Logic Error in RestApp Inc.'s Online Ordering System
Summary
Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.
This issue affects Online Ordering System: 8.2.1.
NOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1.
Severity ?
5.3 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RestApp Inc. | Online Ordering System |
Affected:
8.2.1
(custom)
Unaffected: 0 , ≤ 8.2.2 (custom) |
Credits
Yagiz BILGILI
Privia Security Inc.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:restapp:online_ordering_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "online_ordering_system",
"vendor": "restapp",
"versions": [
{
"lessThanOrEqual": "04.12.2024",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:31:14.564794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T14:09:32.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Online Ordering System",
"vendor": "RestApp Inc.",
"versions": [
{
"status": "affected",
"version": "8.2.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yagiz BILGILI"
},
{
"lang": "en",
"type": "sponsor",
"value": "Privia Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.\u003cp\u003e\n\u003c/p\u003e\u003cp\u003eThis issue affects Online Ordering System: 8.2.1. \u003c/p\u003e\u003cp\u003eNOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.\n\n\nThis issue affects Online Ordering System: 8.2.1. \n\nNOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1."
}
],
"impacts": [
{
"capecId": "CAPEC-128",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-128 Integer Attacks"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T13:03:48.586Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1877"
}
],
"source": {
"advisory": "TR-24-1877",
"defect": [
"TR-24-1877"
],
"discovery": "UNKNOWN"
},
"title": "Business Logic Error in RestApp Inc.\u0027s Online Ordering System",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7488",
"datePublished": "2024-12-04T14:03:49.141Z",
"dateReserved": "2024-08-05T13:32:43.125Z",
"dateUpdated": "2025-10-21T14:09:32.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-7488 (GCVE-0-2024-7488)
Vulnerability from cvelistv5 – Published: 2024-12-04 14:03 – Updated: 2025-10-21 14:09
VLAI?
Title
Business Logic Error in RestApp Inc.'s Online Ordering System
Summary
Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.
This issue affects Online Ordering System: 8.2.1.
NOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1.
Severity ?
5.3 (Medium)
CWE
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| RestApp Inc. | Online Ordering System |
Affected:
8.2.1
(custom)
Unaffected: 0 , ≤ 8.2.2 (custom) |
Credits
Yagiz BILGILI
Privia Security Inc.
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:restapp:online_ordering_system:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "online_ordering_system",
"vendor": "restapp",
"versions": [
{
"lessThanOrEqual": "04.12.2024",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-7488",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-04T14:31:14.564794Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T14:09:32.523Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Online Ordering System",
"vendor": "RestApp Inc.",
"versions": [
{
"status": "affected",
"version": "8.2.1",
"versionType": "custom"
},
{
"lessThanOrEqual": "8.2.2",
"status": "unaffected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Yagiz BILGILI"
},
{
"lang": "en",
"type": "sponsor",
"value": "Privia Security Inc."
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.\u003cp\u003e\n\u003c/p\u003e\u003cp\u003eThis issue affects Online Ordering System: 8.2.1. \u003c/p\u003e\u003cp\u003eNOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1.\u003c/p\u003e\n\n\u003cp\u003e\u003c/p\u003e"
}
],
"value": "Integer Overflow or Wraparound, Improper Validation of Specified Quantity in Input vulnerability in RestApp Inc. Online Ordering System allows Integer Attacks.\n\n\nThis issue affects Online Ordering System: 8.2.1. \n\nNOTE: Vulnerability fixed in version 8.2.2 and does not exist before 8.2.1."
}
],
"impacts": [
{
"capecId": "CAPEC-128",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-128 Integer Attacks"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-190",
"description": "CWE-190 Integer Overflow or Wraparound",
"lang": "en",
"type": "CWE"
}
]
},
{
"descriptions": [
{
"cweId": "CWE-1284",
"description": "CWE-1284 Improper Validation of Specified Quantity in Input",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T13:03:48.586Z",
"orgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"shortName": "TR-CERT"
},
"references": [
{
"url": "https://www.usom.gov.tr/bildirim/tr-24-1877"
}
],
"source": {
"advisory": "TR-24-1877",
"defect": [
"TR-24-1877"
],
"discovery": "UNKNOWN"
},
"title": "Business Logic Error in RestApp Inc.\u0027s Online Ordering System",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "ca940d4e-fea4-4aa2-9a58-591a58b1ce21",
"assignerShortName": "TR-CERT",
"cveId": "CVE-2024-7488",
"datePublished": "2024-12-04T14:03:49.141Z",
"dateReserved": "2024-08-05T13:32:43.125Z",
"dateUpdated": "2025-10-21T14:09:32.523Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}