The Skyoftech So Listing Tabs module 2.2.0 for OpenCart...
Critical severity
Unreviewed
Published
May 18, 2022
to the GitHub Advisory Database
•
Updated Jan 28, 2023
Description
Published by the National Vulnerability Database
May 17, 2022
Published to the GitHub Advisory Database
May 18, 2022
Last updated
Jan 28, 2023
The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data.
References