CVE-2009-1621
CVE-2009-1621 affects OpenCart 1.1.8 where index.php's route parameter is not properly sanitized, causing a local file include (LFI). An attacker can read arbitrary files and, in some configurations, possibly execute PHP code under the webserver user. References describe OpenCart LFI in 1.1.8 and...