5 matches found
OpenCart-Overclocked Cross-Site Scripting Vulnerability
OpenCart-Overclocked is an open source shopping cart application. A cross-site scripting vulnerability exists in upload/admin/view/template/extension/openbay.tplL95 in OpenCart-Overclocked 1.11.1 and earlier versions, which stems from the program not filtering user input. A remote attacker could...
Cross-site Scripting (XSS)
villagedefrance/opencart-overclocked is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the $GET'token' variable in OpenCart-Overclocked/upload/admin/view/template/extension/openbay.tpl, allowing a malicious user to inject and execute arbitrary code...
CVE-2018-1000640
OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...
CVE-2018-1000640
OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...
CVE-2018-1000640
OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...