opencart/opencart vulnerabilities

Licenses: GPL-3.0

License

Known vulnerabilities in the opencart/opencart package. This does not include vulnerabilities belonging to this package’s dependencies.

Snyk's AI Trust Platform automatically finds the best upgrade path and integrates with your development workflows. Secure your code at zero cost.

Vulnerability	Vulnerable Version
M Cross-site Scripting (XSS)	>=2.2.0.0
M Cross-site Scripting (XSS)	>=2.2.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
M Cross-site Scripting (XSS)	<4.1.0.0
H Improper Neutralization of Special Elements Used in a Template Engine	>=0.0.0
H Improper Neutralization of Special Elements Used in a Template Engine	>=0.0.0
H Arbitrary File Creation	>=4.0.0.0
H Arbitrary File Write via Archive Extraction (Zip Slip)	>=4.0.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
L Reflected Cross-site Scripting	>=4.0.0.0, <4.1.0.0
H SQL Injection	<3.0.4.0
M Cross-site Scripting (XSS)	>=0.0.0
M Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')	>=0.0.0
M Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	>=0.0.0
L Cross-Site Request Forgery (CSRF)	>=3.0.3.6
H Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')	>=4.0.0.0, <4.1.0.0
M SQL Injection	>=0.0.0
H SQL Injection	>=0.0.0
H Improper Input Validation	<2.3.0.0
M Cross-site Scripting (XSS)	>=0.0.0
M Cross-site Scripting (XSS)	>=0.0.0