CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

95 matches found

CVE•added 2026/05/17 12:11 p.m.•15 views

CVE-2018-25336

Joomla jCart for OpenCart 2.3.0.2 has a cross-site request forgery (CSRF) vulnerability. The issue allows an attacker to modify user account information without authentication by crafting malicious HTML forms targeting endpoints, resulting in changes to user credentials, passwords, and affiliate ...

6.9CVSS5.7AI score0.00191EPSS

Exploits0References4

Vulnrichment•added 2026/05/17 12:11 p.m.•7 views

CVE-2018-25336 jCart for OpenCart 2.3.0.2 Cross-Site Request Forgery

jCart for OpenCart 2.3.0.2 contains a cross-site request forgery vulnerability that allows attackers to modify user account information without authentication. Attackers can craft malicious HTML forms targeting endpoints , and to change user credentials, passwords, and affiliate account details...

6.9CVSS5.7AI score0.00191EPSS

Exploits0References4

Snyk•added 2026/05/10 2:20 p.m.•4 views

User Impersonation

Overview opencart/opencart is a shopping cart system Affected versions of this package are vulnerable to User Impersonation via the OCSESSID cookie. An attacker can gain unauthorized access to user accounts by injecting arbitrary values into the session cookie, allowing session takeover...

9.8CVSS5.9AI score0.00423EPSS

Exploits0References2

Snyk•added 2026/05/10 2:19 p.m.•6 views

Cross-site Request Forgery (CSRF)

Overview opencart/opencart is a shopping cart system Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via the /account/edit endpoint. An attacker can alter account details, such as email addresses, by tricking users into visiting malicious pages, and subsequentl...

8.3CVSS5.8AI score0.00151EPSS

Exploits0References2

NVD•added 2026/05/10 1:16 p.m.•10 views

CVE-2021-47953

OpenCart 3.0.3.7 contains a cross-site request forgery vulnerability that allows attackers to change user passwords by sending crafted requests to the account/password endpoint. Attackers can trick authenticated users into submitting hidden forms with new password values in the 'password' and...

5.3CVSS0.00126EPSS

Exploits0References2

Vulnrichment•added 2026/05/10 12:52 p.m.•7 views

CVE-2021-47953 OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password

5.3CVSS5.7AI score0.00126EPSS

Exploits0References2

ATTACKERKB•added 2026/05/10 12:52 p.m.•6 views

CVE-2021-47953

5.3CVSS5.7AI score0.00126EPSS

Exploits0References2Affected Software1

CNNVD•added 2026/05/10 12:0 a.m.•7 views

OpenCart 安全漏洞

OpenCart is an open-source e-commerce system developed by the OpenCart team in China. This system provides modules for product reviews, product ratings, and product addition. Version 3.0.3.8 of OpenCart has a security vulnerability, which stems from a session fixation vulnerability. This...

9.8CVSS5.9AI score0.00423EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 12:15 p.m.•6 views

CVE-2018-1000640

OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...

6.1CVSS6AI score0.00864EPSS

Exploits0References1