PT-2022-10672 · Opencart · Opencart
Published
2022-11-03
·
Updated
2022-12-03
·
CVE-2021-37823
CVSS v3.1
4.9
Medium
| Vector | AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
OpenCart version 3.0.3.7
Description
The issue allows users to obtain database information or read server files through SQL injection in the background. This can potentially lead to unauthorized access to sensitive data.
Recommendations
For OpenCart version 3.0.3.7, at the moment, there is no information about a newer version that contains a fix for this vulnerability.
Exploit
SQL injection
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Opencart