CVE-2024-53476

EIP tracks 1 public exploit for CVE-2024-53476. PoCs published by AbdullahAlmutawa.

AI-analyzed exploit summary This repository describes a race condition vulnerability (CVE-2024-53476) in SimplCommerce's checkout logic, allowing multiple users to purchase more products than are in stock via simultaneous requests. The writeup includes detection methods, tested versions, and disclosure timeline but lacks exploit code.

A race condition vulnerability in SimplCommerce at commit 230310c8d7a0408569b292c5a805c459d47a1d8f allows attackers to bypass inventory restrictions by simultaneously submitting purchase requests from multiple accounts for the same product. This can lead to overselling when stock is limited, as the system fails to accurately track inventory under high concurrency, resulting in potential loss and unfulfilled orders.