Exposición de OpenCart
CMS, Ecommerce36
score de exposición
21.422
sitios usan
0
en explotación
1
críticos
CVEs
23 resultadosCVE-2024-21514HIGHThis affects versions of the package opencart/opencart from 0.0.0. An SQL Injection issue was identified in the Divido payment extension forEPSS 19.1%CVE-2024-21518HIGHThis affects versions of the package opencart/opencart from 4.0.0.0. A Zip Slip issue was identified via the marketplace installer due to imEPSS 14.1%CVE-2013-1891—In OpenCart 1.4.7 to 1.5.5.1, implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.EPSS 6.1%CVE-2023-2315HIGHPath Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2EPSS 0.8%CVE-2024-21519MEDIUMThis affects versions of the package opencart/opencart from 4.0.0.0. An Arbitrary File Creation issue was identified via the database restorEPSS 0.7%CVE-2021-47923CRITICALOpenCart 3.0.3.8 Session Fixation via OCSESSID CookieEPSS 0.4%CVE-2026-5331MEDIUMOpenCart Extension Installer installer.php path traversalEPSS 0.4%CVE-2024-21517LOWThis affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the redirect parameter of custoEPSS 0.4%CVE-2025-15116MEDIUMOpenCart Single-Use Coupon race conditionEPSS 0.4%CVE-2025-22335HIGHWordPress Opencart Product in WP plugin <= 1.0.1 - Reflected Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-51835MEDIUMWordPress OpenCart Product Display plugin <= 1.0 - Cross Site Scripting (XSS) vulnerabilityEPSS 0.4%CVE-2024-21515LOWThis affects versions of the package opencart/opencart from 4.0.0.0. A reflected XSS issue was identified in the filename parameter of the aEPSS 0.4%CVE-2024-21516LOWThis affects versions of the package opencart/opencart from 4.0.0.0 and before 4.1.0.0. A reflected XSS issue was identified in the directorEPSS 0.4%CVE-2024-58341HIGHOpenCart Core 4.0.2.3 SQL Injection via search ParameterEPSS 0.3%CVE-2017-20282HIGHJoomla! Component jCart for OpenCart 2.0 SQL InjectionEPSS 0.3%CVE-2026-3714MEDIUMOpenCart Incomplete Fix CVE-2024-36694 template.php save special elements used in a template engineEPSS 0.3%CVE-2025-1747MEDIUMHTML injection vulnerability in OpenCartEPSS 0.2%CVE-2025-1748MEDIUMHTML injection vulnerability in OpenCartEPSS 0.2%CVE-2025-1749MEDIUMHTML injection vulnerability in OpenCartEPSS 0.2%CVE-2025-1746MEDIUMCross-Site Scripting vulnerability in OpenCartEPSS 0.2%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →