Lucene search
PRIOn knowledge basePRION:CVE-2022-24108HistoryMay 17, 2022 - 4:15 p.m.
Deserialization of untrusted data
2022-05-1716:15:00
PRIOn knowledge base
www.prio-n.com
2
The Skyoftech So Listing Tabs module 2.2.0 for OpenCart allows a remote attacker to inject a serialized PHP object via the setting parameter, potentially resulting in the ability to write to files on the server, cause DoS, and achieve remote code execution because of deserialization of untrusted data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| so_listing_tabs | eq | 2.2.0 |
References
packetstormsecurity.com/files/167197/OpenCart-So-Listing-Tabs-2.2.0-Unsafe-Deserialization.html
codecanyon.net/item/so-listing-tabs-responsive-opencart-module/12388133
seclists.org/fulldisclosure/2022/May/30
www.smartaddons.com/opencart-extensions/so-listing-tabs-responsive-opencart-30x-opencart-2x-module
Related
zdt
zdt
OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization Vulnerability
2022-05-17 00:00:00
packetstorm
packetstorm
OpenCart So Listing Tabs 2.2.0 Unsafe Deserialization
2022-05-17 00:00:00
checkpoint_advisories
checkpoint_advisories
OpenCart Remote Code Execution (CVE-2022-24108)
2022-11-22 00:00:00
cvelist
cvelist
CVE-2022-24108
2022-05-17 15:55:07
cve
cve
CVE-2022-24108
2022-05-17 16:15:09
nvd
nvd
CVE-2022-24108
2022-05-17 16:15:09