High severityNVD Advisory· Published Sep 26, 2023· Updated Sep 24, 2024
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2
CVE-2023-2315
Description
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
opencart/opencartPackagist | >= 4.0.0.0, < 4.0.2.3 | 4.0.2.3 |
Affected products
2Patches
Vulnerability mechanics
References
6- github.com/opencart/opencart/commit/0a8dd91e385f70e42795380009fd644224c1bc97ghsapatchWEB
- github.com/advisories/GHSA-v4j2-cwmm-xg89ghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2023-2315ghsaADVISORY
- starlabs.sg/advisories/23/23-2315/mitrethird-party-advisory
- github.com/opencart/opencart/releases/tag/4.0.2.3ghsaWEB
- starlabs.sg/advisories/23/23-2315ghsaWEB
News mentions
0No linked articles in our index yet.