4 matches found
CVE-2014-3990
The CVE-2014-3990 entries describe an OpenCart
OpenCart 1.5.6.4 PHP Object Injection Vulnerability
Exploit for php platform in category web applications OpenCart session-data'cart' as $key = $quantity $product = explode':', $key; $productid = $product0; $stock = true; // Options if !empty$product1 $options = unserializebase64decode$product1; else $options = array; The vulnerability exists...
[KIS-2014-08] OpenCart <= 1.5.6.4 (cart.php) PHP Object Injection Vulnerability
----------------------------------------------------------------- OpenCart = 1.5.6.4 cart.php PHP Object Injection Vulnerability ----------------------------------------------------------------- - Software Link: http://www.opencart.com/ - Affected Versions: Version 1.5.6.4 and prior versions. -...
OpenCart 1.5.6.4 PHP Object Injection
----------------------------------------------------------------- OpenCart session-data'cart' as $key = $quantity 24. $product = explode':', $key; 25. $productid = $product0; 26. $stock = true; 27. 28. // Options 29. if !empty$product1 30. $options = unserializebase64decode$product1; 31. else 32...