Description

SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php.

Remediation

References

CVE-2020-20491

Related Vulnerabilities

WordPress Plugin AddToAny Share Buttons Cross-Site Scripting (1.7.45)

Dolibarr Improper Privilege Management Vulnerability (CVE-2022-43138)

MySQL CVE-2012-1703 Vulnerability (CVE-2012-1703)

Oracle Database Server CVE-2015-0457 Vulnerability (CVE-2015-0457)

WordPress Plugin Redux Framework Multiple Cross-Site Scripting Vulnerabilities (3.6.0.2)

Severity

High

Classification

CVE-2020-20491 CWE-138 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities