CVE-2021-37823

描述

OpenCart 3.0.3.7 allows users to obtain database information or read server files through SQL injection in the background.

受影響套件(1)

• Packagist/opencart/opencartfrom 0, <= 3.0.3.7

CVSS 分數

參考連結(3)

• ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2021-37823
• PATCHhttps://github.com/opencart/opencart
• WEBhttps://medium.com/@nowczj/sql-injection-exists-in-the-background-of-opencart-d41b5c58e99e