CVE-2023-2315
CVSS V2 None
CVSS V3 None
Description
Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 allows an authenticated user with access/modify privilege on the Log component to empty out arbitrary files on the server
Overview
- CVE ID
- CVE-2023-2315
- Assigner
- STAR_Labs
- Vulnerability Status
- PUBLISHED
- Published Version
- 2023-09-26T04:36:21.668Z
- Last Modified Date
- 2023-09-26T04:36:21.668Z
Weakness Enumerations
References
Reference URL | Reference Tags |
---|---|
https://starlabs.sg/advisories/23/23-2315/ | third-party-advisory |
https://github.com/opencart/opencart/commit/0a8dd91e385f70e42795380009fd644224c1bc97 | patch |
Sources
Source Name | Source URL |
---|---|
NIST | https://nvd.nist.gov/vuln/detail/CVE-2023-2315 |
MITRE | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-2315 |
History
Created | Old Value | New Value | Data Type | Notes |
---|---|---|---|---|
2024-06-24 21:45:16 | Added to TrackCVE |