Lucene search
HistorySep 27, 2023 - 3:18 p.m.
CVE-2023-2315
cve-2023-2315
path traversal
opencart
security vulnerability
authentication
server security
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
Affected configurations
Node
opencartopencartRange4.0.0.0–4.0.2.2
| CPE | Name | Operator | Version |
|---|---|---|---|
| opencart:opencart | opencart | le | 4.0.2.2 |
CNA Affected
[
{
"defaultStatus": "unaffected",
"modules": [
"Logs"
],
"product": "Opencart",
"repo": "https://github.com/opencart/opencart",
"vendor": "Opencart",
"versions": [
{
"lessThanOrEqual": "4.0.2.2",
"status": "affected",
"version": "4.0.0.0",
"versionType": "git"
}
]
}
]Related
github
github
OpenCart Path Traversal vulnerability
2023-09-27 15:30:34
osv
osv
OpenCart Path Traversal vulnerability
2023-09-27 15:30:34
CVE-2023-2315
2023-09-27 15:18:50
cvelist
cvelist
CVE-2023-2315 Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2
2023-09-26 04:36:21
nvd
nvd
CVE-2023-2315
2023-09-27 15:18:50
prion
prion
Path traversal
2023-09-27 15:18:00
cnvd
cnvd
OpenCart Path Traversal Vulnerability
2023-09-28 00:00:00
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
8.5 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
39.3%
Related for CVE-2023-2315