| Название | ShipRocket OpenCart module v3 Incorrect Authorization |
|---|
| Описание | The ShipRocket OpenCart Rest API module has an access bypass vulnerability, as a result of a logic error and type confusion in PHP.
This allows an unauthenticated attacker to access Personally Identifiable Information (PII) and other potentially sensitive information stored in the site's database.
It may also be possible to make changes to the site's database. |
|---|
| Источник | ⚠️ https://gist.github.com/mcdruid/0d1fdbba445587639ee5da66e7abfcc9 |
|---|
| Пользователь | mcdruid (UID 79710) |
|---|
| Представление | 07.01.2025 23:48 (1 Год назад) |
|---|
| Модерация | 19.01.2025 20:54 (12 days later) |
|---|
| Статус | принято |
|---|
| Запись VulDB | 292598 [Shiprocket Module 3 на OpenCart REST API rest_api&action=getOrders contentHash эскалация привилегий] |
|---|
| Баллы | 18 |
|---|