Unknown · Ecommerce-Laravel-Bootstrap · CVE-2024-7067
**Name of the Vulnerable Software and Affected Versions**
kirilkirkov Ecommerce-Laravel-Bootstrap up to 1f1097a3448ce8ec53e034ea0f70b8e2a0e64a87
**Description**
A critical issue has been found in the function `getCartProductsIds` of the file `app/Cart.php`. Manipulation of the `laraCart` argument leads to deserialization. The issue can be exploited remotely. The exploit has been disclosed to the public and may be used.
**Recommendations**
To fix this issue, apply the patch named `a02111a674ab49f65018b31da3011b1e396f59b1`. As a temporary workaround, consider disabling the `getCartProductsIds` function until a patch is available. Restrict access to the `app/Cart.php` file to minimize the risk of exploitation. Avoid using the `laraCart` argument until the issue is resolved.
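
The following is an added example, not the project's code or the content of its patch: one way to read a client-supplied cart value such as `laraCart` as plain data so that no PHP object is ever instantiated from it. The function name `parseCartProductIds`, the size and item limits, the assumption that the cart is a list of numeric product IDs, and the sample inputs are all assumptions made for illustration.

```php
<?php
declare(strict_types=1);

// Hypothetical helper, not the project's code: turns a client-supplied
// cart string into a list of product IDs without instantiating objects.
function parseCartProductIds(?string $raw, int $maxItems = 200): array
{
    if ($raw === null || $raw === '' || strlen($raw) > 8192) {
        return [];
    }
    // Unsafe pattern this replaces: unserialize($raw) with no options, which
    // lets the sender decide which classes PHP instantiates.
    // Try a data-only format first: JSON cannot carry PHP objects.
    $data = json_decode($raw, true, 4);
    if (!is_array($data)) {
        // Legacy serialized carts: refuse every class, so any object in the
        // input becomes __PHP_Incomplete_Class and is dropped below.
        $data = @unserialize($raw, ['allowed_classes' => false]);
    }
    if (!is_array($data)) {
        return [];
    }
    $ids = [];
    foreach ($data as $value) {
        // Accept only positive integers or short digit strings.
        if (is_int($value) && $value > 0) {
            $ids[] = $value;
        } elseif (is_string($value) && ctype_digit($value) && strlen($value) <= 9 && (int) $value > 0) {
            $ids[] = (int) $value;
        }
        if (count($ids) >= $maxItems) {
            break;
        }
    }
    return array_values(array_unique($ids));
}

// Constructed sample inputs (not taken from the advisory).
$samples = [
    'json'        => '[3,"7",3]',
    'serialized'  => serialize([5, 9]),
    'with object' => 'a:1:{i:0;O:8:"stdClass":0:{}}',
    'garbage'     => 'not-a-cart',
];
foreach ($samples as $label => $raw) {
    printf("%-12s => %s\n", $label, json_encode(parseCartProductIds($raw)));
}
```

Even with `allowed_classes` set to `false`, the result is validated element by element, because the parsed value still comes entirely from the client.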