Lucene search
K

5 matches found

CNVD
CNVD
added 2018/08/22 12:0 a.m.3 views

OpenCart-Overclocked Cross-Site Scripting Vulnerability

OpenCart-Overclocked is an open source shopping cart application. A cross-site scripting vulnerability exists in upload/admin/view/template/extension/openbay.tplL95 in OpenCart-Overclocked 1.11.1 and earlier versions, which stems from the program not filtering user input. A remote attacker could...

6.1CVSS6AI score0.00864EPSS
Exploits0References1
Veracode
Veracode
added 2018/08/21 8:37 a.m.15 views

Cross-site Scripting (XSS)

villagedefrance/opencart-overclocked is vulnerable to cross-site scripting XSS attacks. The library does not properly sanitize the $GET'token' variable in OpenCart-Overclocked/upload/admin/view/template/extension/openbay.tpl, allowing a malicious user to inject and execute arbitrary code...

6.1CVSS6AI score0.00864EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2018/08/20 7:31 p.m.10 views

CVE-2018-1000640

OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...

6.1CVSS6.1AI score0.00864EPSS
Exploits0References2
OSV
OSV
added 2018/08/20 7:31 p.m.14 views

CVE-2018-1000640

OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...

6.1CVSS6AI score
Exploits0References2
Cvelist
Cvelist
added 2018/08/20 7:0 p.m.14 views

CVE-2018-1000640

OpenCart-Overclocked version =1.11.1 contains a Cross Site Scripting XSS vulnerability in User input entered unsanitised within JS function in the template that can result in Unauthorised actions and access to data, stealing session information, denial of service. This attack appear to be...

6.1AI score0.00864EPSS
Exploits0References2
Rows per page
Query Builder