Page 1 of 1
Search found 5 matches
Re: Vulnerability disclosure for a severe bug in the latest version of OpenCart
I just took a look at it, the security risk is quite low for this, because end users aren't store administrators in the first place. Only an admin could perhaps exploit this security hole. And the admin/controller/common/security.php file can be easily fixed, it would have been easier if Oxbro had ...
Jump to post- Wed Nov 15, 2023 6:57 pm
- Replies 18
- Views 4159
Re: Vulnerability disclosure for a severe bug in the latest version of OpenCart
Where exactly was it published? And where exactly was it fixed for OpenCart 4? Or at least submitted as a new issue on github? It looks to be published here. https://0xbro.red/disclosures/disclosed-vulnerabilities/opencart-cve-2023-47444/ It has not been fixed. I can't find a issue on GitHub for it...
Jump to post- Wed Nov 15, 2023 6:33 am
- Replies 18
- Views 4159
Re: Vulnerability disclosure for a severe bug in the latest version of OpenCart
It would be helpful if one of the regular forum moderators could post on how to report a vulnerability. Yeah, I completely agree. Since there is also the GitHub repo of OpenCart, I think it would be easier to just implement the " private reporting " feature in GitHub. If you message an ad...
Jump to post- Fri Nov 03, 2023 7:39 pm
- Replies 18
- Views 4159
Re: Vulnerability disclosure for a severe bug in the latest version of OpenCart
support@opencart.com Have you recevied ticket number when you send the request/email? Technically team do reply in timley manner. or if you want connatc on offical group via facebook you are most welcome. Unfortunately, I didn't receive any ticket number or response. I'll try as a last resort with ...
Jump to post- Thu Nov 02, 2023 5:03 pm
- Replies 18
- Views 4159
Vulnerability disclosure for a severe bug in the latest version of OpenCart
Hello, I'm 0xbro, a pentester and autonomous vulnerability researcher. I would like to responsibly disclose an authenticated but still severe vulnerability in the latest version of OpenCart. I would have tried writing administrators/moderators with PMs (as detailed in the official README file), but ...
Jump to post- Tue Oct 31, 2023 2:14 am
- Replies 18
- Views 4159
Search found 5 matches
