Отправить #476831: ShipRocket OpenCart module v3 and v4 SQL InjectionИнформация

НазваниеShipRocket OpenCart module v3 and v4 SQL Injection
ОписаниеThe ShipRocket OpenCart Rest API module has multiple SQL Injection (SQLi) vulnerabilities. The most serious of these allows an unauthenticated attacker to access any and all content stored in the database. Via the SQLi vulnerability it's possible to compromise the site by exfiltrating admin session details / credentials. Any Personally Identifiable Information (PII) and/or payment details stored in the site's database would also be vulnerable to exfiltration.
Источник⚠️ https://gist.github.com/mcdruid/3c9fc9bd4e882cee21f8a37998f56fce
Пользователь
 mcdruid (UID 79710)
Представление07.01.2025 23:46 (1 Год назад)
Модерация19.01.2025 20:54 (12 days later)
Статуспринято
Запись VulDB292597 [Shiprocket Module 3/4 на OpenCart REST API restapi x-username SQL-инъекция]
Баллы20

ПредыдущийОбзорДалее

Want to know what is going to be exploited?

We predict KEV entries!