Vulnerabilities > Opencart > Low

DATE CVE VULNERABILITY TITLE RISK
2020-12-29 CVE-2020-29470 Cross-site Scripting vulnerability in Opencart 3.0.3.6
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Subject field of mail.
network
opencart CWE-79
3.5
3.5
2020-12-29 CVE-2020-29471 Cross-site Scripting vulnerability in Opencart 3.0.3.6
OpenCart 3.0.3.6 is affected by cross-site scripting (XSS) in the Profile Image.
network
opencart CWE-79
3.5
3.5
2020-12-11 CVE-2020-28838 Cross-Site Request Forgery (CSRF) vulnerability in Opencart 3.0.3.6
Cross Site Request Forgery (CSRF) in CART option in OpenCart Ltd.
network
opencart CWE-352
3.5
3.5
2020-03-17 CVE-2020-10596 Cross-site Scripting vulnerability in Opencart 3.0.3.2
OpenCart 3.0.3.2 allows remote authenticated users to conduct XSS attacks via a crafted filename in the users' image upload section.
network
opencart CWE-79
3.5
3.5