CVE-2022-24108
The CVE-2022-24108 entry concerns Skyoftech So Listing Tabs module version 2.2.0 for OpenCart. A remote attacker can inject a PHP-serialized object via the module’s setting parameter, which leads to deserialization of untrusted data. This can enable arbitrary file writes on the server, DoS, and r...