3 matches found
CVE-2016-10509
SQL injection vulnerability in the updateAmazonOrderTracking function in upload/admin/model/openbay/amazon.php in OpenCart before version 2.3.0.0 allows remote authenticated administrators to execute arbitrary SQL commands via a carrier aka courierid parameter to openbay.php...
Sql injection
SQL injection vulnerability in the updateAmazonOrderTracking function in upload/admin/model/openbay/amazon.php in OpenCart before version 2.3.0.0 allows remote authenticated administrators to execute arbitrary SQL commands via a carrier aka courierid parameter to openbay.php...
OpenCart 1.5.6.1 - openbay Multiple SQL Injections
OpenCart 1.5.6.1 - openbay Multiple SQL Injections Exploit Title : OpenCart log'getEbayItemId - Product ID: '.$productid; $qry = $this-db-query"SELECT ebayitemid FROM " . DBPREFIX . "ebaylisting WHERE productid = '".$productid."' AND status = '1' LIMIT 1"; .............. Function is called on man...