Vulnerabilities > Opencart > Opencart > 4.0.2.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-02-28 | CVE-2025-1746 | Cross-site Scripting vulnerability in Opencart Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. | 6.1 |
| 2025-02-28 | CVE-2025-1747 | Cross-site Scripting vulnerability in Opencart HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. | 4.7 |
| 2025-02-28 | CVE-2025-1748 | Cross-site Scripting vulnerability in Opencart HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. | 4.7 |
| 2025-02-28 | CVE-2025-1749 | Cross-site Scripting vulnerability in Opencart HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. | 4.7 |
| 2024-06-22 | CVE-2024-21515 | Cross-site Scripting vulnerability in Opencart This affects versions of the package opencart/opencart from 4.0.0.0. | 4.7 |
| 2024-06-22 | CVE-2024-21516 | Cross-site Scripting vulnerability in Opencart This affects versions of the package opencart/opencart from 4.0.0.0 and before 4.1.0.0. | 4.7 |
| 2024-06-22 | CVE-2024-21517 | Cross-site Scripting vulnerability in Opencart This affects versions of the package opencart/opencart from 4.0.0.0. | 6.1 |
| 2024-06-22 | CVE-2024-21518 | Path Traversal vulnerability in Opencart This affects versions of the package opencart/opencart from 4.0.0.0. | 7.2 |
| 2024-06-22 | CVE-2024-21519 | Unspecified vulnerability in Opencart This affects versions of the package opencart/opencart from 4.0.0.0. | 7.2 |
| 2023-11-15 | CVE-2023-47444 | Code Injection vulnerability in Opencart An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated backend users having common/security write privilege can write arbitrary untrusted data inside config.php and admin/config.php, resulting in remote code execution on the underlying server. | 8.8 |