CVE-2025-0615 | HackTesting

Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an attacker to modify an email to contain the ‘+’ symbol to access the application and win prizes as many times as wanted.

Credits

Aldayr Ruiz (xsmaky)

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-qualifios-wheel-fortune