Quantcast
Channel: Daily Dark Web
Viewing all articles
Browse latest Browse all 868

Alleged 0-Day Exploits for OpenCart

$
0
0

In a post from a dark web forum, a threat actor has claimed to have identified two critical 0-day vulnerabilities in the most recent version of OpenCart, a popular online store management system.

The vulnerabilities stated by the threat actor include an SQL injection flaw and a broken access control issue. The SQL injection vulnerability is reportedly located in the admin panel. The second vulnerability, broken access control, permits any user, even those unregistered ones, to download backups.

The post owner also mentions two other vulnerabilities in the message, but it is stated that the threat actor couldn’t verify the code issues with those.

The user has shared a video and invited those with questions to PMs and comments. The threat actor does not mention any price in the post or request an escrow for any transaction.

The post Alleged 0-Day Exploits for OpenCart appeared first on Daily Dark Web.


Viewing all articles
Browse latest Browse all 868

Trending Articles