OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background.
References:GSA_kwCzR0hTQS0yMzZqLXJmeDUtd3EzOM4AAvsL
OpenCart SQL injection vulnerability
| Affected Packages | Affected Versions | Fixed Versions | |
|---|---|---|---|
| packagist:opencart/opencart | <= 3.0.3.7 | No known fixed version | |
Affected Version RangesAll affected versions |
|||