VYPR
Unrated severityNVD Advisory· Published Nov 15, 2023· Updated Aug 29, 2024

CVE-2023-47444

CVE-2023-47444

Description

An issue discovered in OpenCart 4.0.0.0 to 4.0.2.3 allows authenticated backend users having common/security write privilege can write arbitrary untrusted data inside config.php and admin/config.php, resulting in remote code execution on the underlying server.

Affected products

2
  • Opencart/Opencartcpe-rescue2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: >=4.0.0.0 <=4.0.2.3

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.