CVE-2024-21517
https://notcve.org/view.php?id=CVE-2024-21517
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the redirect parameter of customer account/login route. An attacker can inject arbitrary HTML and Javascript into the page response. As this vulnerability is present in the account functionality it could be used to target and attack customers of the OpenCart shop. **Notes:** 1) The fix for this vulnerability is incomplete Esto afecta a las versiones del paquete opencart/opencart desde 4.0.0.0. • https://github.com/opencart/opencart/commit/0fd1ee4b6c94366bf3e5d3831a8336f3275d1860 https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266577 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2024-21515
https://notcve.org/view.php?id=CVE-2024-21515
This affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the filename parameter of the admin tool/log route. An attacker could obtain a user's token by tricking the user to click on a maliciously crafted URL. The user is then prompted to login and redirected again upon authentication with the payload automatically executing. If the attacked user has admin privileges, this vulnerability could be used as the start of a chain of exploits like Zip Slip or arbitrary file write vulnerabilities in the admin functionality. • https://github.com/opencart/opencart/commit/c546199e8f100c1f3797a7a9d3cf4db1887399a2 https://security.snyk.io/vuln/SNYK-PHP-OPENCARTOPENCART-7266573 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2023-47444
https://notcve.org/view.php?id=CVE-2023-47444
An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated backend users having common/security write privilege can write arbitrary untrusted data inside config.php and admin/config.php, resulting in remote code execution on the underlying server. Un problema descubierto en OpenCart 4.0.0.0 a 4.0.2.3 permite que los usuarios backend autenticados que tienen privilegios de escritura comunes/de seguridad puedan escribir datos arbitrarios que no sean de confianza dentro de config.php y admin/config.php, lo que resulta en la ejecución remota de código en el servidor subyacente. • https://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2023-2315 – Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2
https://notcve.org/view.php?id=CVE-2023-2315
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server Path Traversal en las versiones 4.0.0.0 a 4.0.2.2 de OpenCart permite a un usuario autenticado con privilegios de acceso/modificación en el componente de Log vaciar archivos arbitrarios en el servidor • https://github.com/opencart/opencart/commit/0a8dd91e385f70e42795380009fd644224c1bc97 https://starlabs.sg/advisories/23/23-2315 • CWE-20: Improper Input Validation CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2023-40834 – OpenCart CMS 4.0.2.2 Brute Force
https://notcve.org/view.php?id=CVE-2023-40834
OpenCart CMS v4.0.2.2 was discovered to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated attackers to gain access to the application via a brute force attack to the password parameter. OpenCart v4.0.2.2 es vulnerable al Ataque de Fuerza bruta. OpenCart CMS version 4.0.2.2 suffers from a login brute forcing vulnerability. • https://packetstormsecurity.com/files/174525/OpenCart-CMS-4.0.2.2-Brute-Force.html https://www.opencart.com • CWE-307: Improper Restriction of Excessive Authentication Attempts •