OpenCart through 3.0.2.0 allows directory traversal in the editDownload function in admin\model\catalog\download.php via admin/index.php?route=catalog/download/edit, related to the download_id. For example, an attacker can download ../../config.php.
References
Link | Resource |
---|---|
http://www.bigdiao.cc/2018/05/24/Opencart-v3-0-2-0/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2018-05-26 13:29
Updated : 2018-06-29 11:49
NVD link : CVE-2018-11495
Mitre link : CVE-2018-11495
JSON object : View
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Products Affected
opencart
- opencart