Opencart : Security Vulnerabilities, CVEs, (Sql injection)

CVE-2021-37823

OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background.
Max CVSS
4.9
EPSS Score
0.07%
Published
2022-11-03
Updated
2022-12-03

CVE-2020-20491

SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php.
Max CVSS
7.2
EPSS Score
0.06%
Published
2023-06-20
Updated
2023-06-27

CVE-2016-10509

SQL injection vulnerability in the updateAmazonOrderTracking function in upload/admin/model/openbay/amazon.php in OpenCart before version 2.3.0.0 allows remote authenticated administrators to execute arbitrary SQL commands via a carrier (aka courier_id) parameter to openbay.php.
Max CVSS
7.2
EPSS Score
0.09%
Published
2017-08-31
Updated
2017-09-06

CVE-2010-0956

SQL injection vulnerability in index.php in OpenCart 1.3.2 allows remote attackers to execute arbitrary SQL commands via the page parameter.
Max CVSS
7.5
EPSS Score
0.12%
Published
2010-03-10
Updated
2010-06-23

CVE-2009-1027

SQL injection vulnerability in OpenCart 1.1.8 allows remote attackers to execute arbitrary SQL commands via the order parameter.
Max CVSS
7.5
EPSS Score
0.25%
Published
2009-03-20
Updated
2018-10-10
5 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close