Rudranshsinghrajpurohit

**Name of the Vulnerable Software and Affected Versions** WebKul Bagisto version 2.3.6 **Description** A flaw exists that enables remote code execution through the Cart/Checkout API endpoint. The price calculation logic does not properly validate the quantity of items, allowing for potential code execution. The vulnerable API endpoint is `/Cart/Checkout`. The vulnerable input is the quantity parameter. **Recommendations** Update to a newer version that contains a fix for this vulnerability.