| 제목 | devs.mx OpenCart Lightning 4.43 Deserialization of Untrusted Data |
|---|
| 설명 | The OpenCart Lightning module has a PHP Object Injection vulnerability as a result of Deserialization of Untrusted Data.
(POP/) Gadget Chains exist in OpenCart (3 and 4) which allow Object Injection vulnerabilities to be exploited, for example to write arbitrary files or achieve Remote Code Execution.
Such an attack could result in the compromise of a site. |
|---|
| 원천 | ⚠️ https://gist.github.com/mcdruid/f8153d7d535c0fcba920e83a64953d4e |
|---|
| 사용자 | mcdruid (UID 79710) |
|---|
| 제출 | 2025. 01. 26. PM 02:54 (1 년도 ago) |
|---|
| 모더레이션 | 2025. 02. 02. AM 10:04 (7 days later) |
|---|
| 상태 | 수락 |
|---|
| VulDB 항목 | 294365 [MaxD Lightning Module 4.43/4.44 켜짐 OpenCart li_op/md 권한 상승] |
|---|
| 포인트들 | 18 |
|---|