CVE-2015-4671 – OpenCart 2.1.0.1 Cross Site Scripting
https://notcve.org/view.php?id=CVE-2015-4671
Cross-site scripting (XSS) vulnerability in OpenCart before 2.1.0.2 allows remote attackers to inject arbitrary web script or HTML via the zone_id parameter to index.php. Vulnerabilidad de XSS en OpenCart en versiones anteriores a 2.1.0.2 permite a atacantes remotos inyectar secuencias de comandos web o HTML arbitrarios a través de el parámetro zone_id para index.php. OpenCart version 2.1.0.1 suffers from a cross site scripting vulnerability. • http://packetstormsecurity.com/files/135163/OpenCart-2.1.0.1-Cross-Site-Scripting.html http://seclists.org/fulldisclosure/2016/Jan/17 https://github.com/opencart/opencart/commit/303fa88fe664ded4bf8753b997abd916f0a3c03f https://github.com/opencart/opencart/releases/tag/2.1.0.2 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2014-3990 – OpenCart 1.5.6.4 PHP Object Injection
https://notcve.org/view.php?id=CVE-2014-3990
The Cart::getProducts method in system/library/cart.php in OpenCart 1.5.6.4 and earlier allows remote attackers to conduct server-side request forgery (SSRF) attacks or possibly conduct XML External Entity (XXE) attacks and execute arbitrary code via a crafted serialized PHP object, related to the quantity parameter in an update request. El método Cart::getProducts en system/library/cart.php en OpenCart, en versiones 1.5.6.4 y anteriores, permite que atacantes remotos lleven a cabo ataques de SSRF (Server-Side Request Forgery) o de XEE (XML External Entity), así como ejecutar código arbitrario mediante un objeto PHP serializado manipulado. Esto se relaciona con el parámetro quantity en una petición de actualización. OpenCart versions 1.5.6.4 and below suffer from a PHP objection injection vulnerability. • http://karmainsecurity.com/KIS-2014-08 http://packetstormsecurity.com/files/127460/OpenCart-1.5.6.4-PHP-Object-Injection.html http://seclists.org/fulldisclosure/2014/Jul/67 http://www.securityfocus.com/archive/1/532763/100/0/threaded http://www.securityfocus.com/bid/68529 https://github.com/opencart-ce/opencart-ce/commit/c2aafc823bd85876f5e888f8ebc421069a5e076f • CWE-611: Improper Restriction of XML External Entity Reference CWE-918: Server-Side Request Forgery (SSRF) •
CVE-2011-3763
https://notcve.org/view.php?id=CVE-2011-3763
OpenCart 1.4.9.3 allows remote attackers to obtain sensitive information via a direct request to a .php file, which reveals the installation path in an error message, as demonstrated by system/startup.php and certain other files. OpenCart v1.4.9.3 permite a atacantes remotos obtener información sensible a través de una petición directa a un archivo .php, lo que revela la ruta de instalación en un mensaje de error, como se demostró con system/startup.php y algunos otros archivos. • http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/%21_README http://code.google.com/p/inspathx/source/browse/trunk/paths_vuln/opencart_v1.4.9.3 http://www.openwall.com/lists/oss-security/2011/06/27/6 https://exchange.xforce.ibmcloud.com/vulnerabilities/70609 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •