Opencart: >> Opencart >> 4.0.2.2 Security Vulnerabilities
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
CVSS Score
8.1
EPSS Score
0.003
Published
2023-09-27
OpenCart CMS v4.0.2.2 was discovered to lack a protective mechanism on its login page against excessive login attempts, allowing unauthenticated attackers to gain access to the application via a brute force attack to the password parameter.
CVSS Score
9.8
EPSS Score
0.003
Published
2023-09-12
Page 2