Qualifio Wheel of Fortune Input Validation Vulnerability Allowing Prize Exploitation

Vulnerability

An input validation vulnerability has been identified in Qualifio's Wheel of Fortune. This issue allows an attacker to manipulate an email address by adding a ‘+’ symbol, enabling repeated access to the application and the ability to win prizes multiple times.

Impact

Exploitation of this vulnerability could lead to unauthorized access to the application, allowing users to win prizes repeatedly.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

7.4

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Qualifio Wheel of Fortune Input Validation Vulnerability Allowing Prize Exploitation

Vulnerability

Impact

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating