| عنوان | ShipRocket OpenCart module v3 Incorrect Authorization |
|---|
| الوصف | The ShipRocket OpenCart Rest API module has an access bypass vulnerability, as a result of a logic error and type confusion in PHP.
This allows an unauthenticated attacker to access Personally Identifiable Information (PII) and other potentially sensitive information stored in the site's database.
It may also be possible to make changes to the site's database. |
|---|
| المصدر | ⚠️ https://gist.github.com/mcdruid/0d1fdbba445587639ee5da66e7abfcc9 |
|---|
| المستخدم | mcdruid (UID 79710) |
|---|
| ارسال | 07/01/2025 11:48 PM (1 سنة منذ) |
|---|
| الاعتدال | 19/01/2025 08:54 PM (12 days later) |
|---|
| الحالة | تمت الموافقة |
|---|
| إدخال VulDB | 292598 [Shiprocket Module 3 على OpenCart REST API rest_api&action=getOrders contentHash تجاوز الصلاحيات] |
|---|
| النقاط | 18 |
|---|