CVE-2018-11495
CVE-2018-11495 affects OpenCart up to version 3.0.2.0. The vulnerability is a directory traversal in the editDownload path (admin/model/catalog/download.php) accessible via admin/index.php?route=catalog/download/edit, involving the download_id parameter. An attacker can request traversal strings ...