| Identifier | Related Record | Severity | Date Published | Description | Versions Affected |
|---|---|---|---|---|---|
| CVE-2025-45893 | | Medium | Jul 25, 2025 | OpenCart version 4.1.0.4 is vulnerable to a Stored Cross-Site Scripting (XSS) attack via SVG file uploads used in blog posts. The vulnerability arises ... | 3.0.5.0, 3.0.4.1, 4.1.0.3, 4.1.0.2, 4.1.0.1, 4.1.0.0, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2 |
| CVE-2025-45892 | | Medium | Jul 25, 2025 | OpenCart version 4.1.0.4 is vulnerable to a Stored Cross-Site Scripting (XSS) attack via the blog editor. The vulnerability arises because input in the ... | 3.0.5.0, 3.0.4.1, 4.1.0.3, 4.1.0.2, 4.1.0.1, 4.1.0.0, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2 |
| CVE-2025-1749 | BDSA-2025-1759 | Medium | Feb 28, 2025 | HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's br ... | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| CVE-2025-1748 | BDSA-2025-1760 | Medium | Feb 28, 2025 | HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's br ... | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| CVE-2025-1747 | BDSA-2025-1758 | Medium | Feb 28, 2025 | HTML injection vulnerabilities in OpenCart versions prior to 4.1.0. These vulnerabilities could allow an attacker to modify the HTML of the victim's br ... | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| CVE-2025-1746 | BDSA-2025-1757 | Medium | Feb 28, 2025 | Cross-Site Scripting vulnerability in OpenCart versions prior to 4.1.0. This vulnerability allows an attacker to execute JavaScript code in the victim' ... | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| CVE-2025-15116 | BDSA-2025-85374 | Medium | Dec 28, 2025 | A security flaw has been discovered in OpenCart up to 4.1.0.3. Affected by this issue is some unknown functionality of the component Single-Use Coupon ... | 3.0.5.0, 3.0.4.1, 4.1.0.3, 4.1.0.2, 4.1.0.1, 4.1.0.0, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2 |
| CVE-2024-40420 | | | Jul 17, 2024 | Rejected reason: DO NOT USE THIS CVE RECORD. ConsultIDs: CVE-2024-36694. Reason: This record is a duplicate of CVE-2024-36694. Notes: All CVE users sho ... | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| CVE-2024-36694 | BDSA-2024-9810 | High | Dec 18, 2024 | OpenCart 4.0.2.3 is vulnerable to Server-Side Template Injection (SSTI) via the Theme Editor Function. | 3.0.5.0, 3.0.4.1, 3.0.4.0, 3.0.3.9, 4.0.2.3, 4.0.2.2, 4.0.2.1, 4.0.2.0, 4.0.1.1, 4.0.1.0 |
| BDSA-2021-4783 | | Medium | Feb 03, 2023 | OpenCart is vulnerable to SQL injection (SQLi). This allows a remote attacker to extract, modify, and delete information from the database associated w ... |