Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
Max CVSS
8.8
EPSS Score
0.09%
Published
2023-09-27
Updated
2023-09-27
OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the download_id. For example, an attacker can download ../../config.php.
Max CVSS
4.9
EPSS Score
0.12%
Published
2018-05-26
Updated
2018-06-29
The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code'].
Max CVSS
8.0
EPSS Score
0.08%
Published
2018-05-26
Updated
2018-06-29
In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.
Max CVSS
6.5
EPSS Score
0.78%
Published
2022-06-24
Updated
2022-07-07
Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter.
Max CVSS
5.0
EPSS Score
3.11%
Published
2009-05-12
Updated
2018-10-10
5 vulnerabilities found