Vulnerabilities > Opencart > Opencart > 3.0.3.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-06-20 | CVE-2020-20491 | SQL Injection vulnerability in Opencart SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php. | 7.2 |
2020-03-17 | CVE-2020-10596 | Cross-site Scripting vulnerability in Opencart 3.0.3.2 OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section. | 3.5 |
2019-08-15 | CVE-2019-15081 | Cross-site Scripting vulnerability in Opencart OpenCart 3.x, when the attacker has login access to the admin panel, allows stored XSS within the Source/HTML editing feature of the Categories, Product, and Information pages. | 4.8 |