Path traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server.
Max CVSS: 8.8
EPSS Score: 0.09%
Published: 2023-09-27
Updated: 2023-09-27
OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the download_id. For example, an attacker can download ../../config.php.
Max CVSS: 4.9
EPSS Score: 0.12%
Published: 2018-05-26
Updated: 2018-06-29
The "program extension upload" feature in OpenCart through 3.0.2.0 has a six-step process (upload, install, unzip, move, xml, remove) that allows attackers to execute arbitrary code if the remove step is skipped, because the attacker can discover a secret temporary directory name (containing 10 random digits) via a directory traversal attack involving language_info['code'].
Max CVSS: 8.0
EPSS Score: 0.08%
Published: 2018-05-26
Updated: 2018-06-29
In OpenCart 1.4.7 to 1.5.5.1, the anti-traversal code implemented in filemanager.php is ineffective and can be bypassed.
Max CVSS: 6.5
EPSS Score: 0.78%
Published: 2022-06-24
Updated: 2022-07-07
Directory traversal vulnerability in index.php in OpenCart 1.1.8 allows remote attackers to read arbitrary files via a .. (dot dot) in the route parameter.
Max CVSS: 5.0
EPSS Score: 0.77%
Published: 2009-05-12
Updated: 2018-10-10
5 vulnerabilities found