Vulnerability CVE-2021-4031


Published: 2022-03-18

Description:
Syltek application before its 10.22.00 version, does not correctly check that a product ID has a valid payment associated to it. This could allow an attacker to forge a request and bypass the payment system by marking items as payed without any verification.

 References:
https://www.incibe-cert.es/en/early-warning/security-advisories/syltek-insufficient-verification-data-authenticity

Copyright 2026, cxsecurity.com

 

Back to Top