Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

OpenCart — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting OpenCart. AI-powered Chinese analysis, POCs, and references for each vulnerability.

Opencart serves as an open-source e-commerce platform enabling businesses to create and manage online stores. Historically, it has been susceptible to various vulnerabilities including remote code execution, cross-site scripting, and privilege escalation, often stemming from insufficient input validation and insecure authentication mechanisms. The platform's modular architecture, while flexible, has introduced security challenges through third-party extensions with inconsistent security practices. Notable incidents include multiple high-severity vulnerabilities allowing attackers to execute arbitrary code or compromise administrative accounts, contributing to its six recorded CVEs. Regular security updates and careful extension management remain critical for maintaining secure deployments.

Found 8 results / 9Clear Filters
Top products by OpenCart: Opencart OpenCart Core
CVE IDTitleCVSSSeverityPublished
CVE-2021-47953 OpenCart 3.0.3.7 Cross-Site Request Forgery via account/password — OpenCartCWE-352 4.3 Medium2026-05-10
CVE-2021-47946 OpenCart 3.0.36 Account Takeover via Cross Site Request Forgery — OpenCartCWE-352 5.3 Medium2026-05-10
CVE-2021-47923 OpenCart 3.0.3.8 Session Fixation via OCSESSID Cookie — opencartCWE-290 9.8 Critical2026-05-10
CVE-2025-1749 HTML injection vulnerability in OpenCart — OpenCartCWE-79 4.7 Medium2025-02-28
CVE-2025-1748 HTML injection vulnerability in OpenCart — OpenCartCWE-79 4.7 Medium2025-02-28
CVE-2025-1747 HTML injection vulnerability in OpenCart — OpenCartCWE-79 4.7 Medium2025-02-28
CVE-2025-1746 Cross-Site Scripting vulnerability in OpenCart — OpenCartCWE-79 6.1 Medium2025-02-28
CVE-2023-2315 Path Traversal in OpenCart versions 4.0.0.0 to 4.0.2.2 — OpencartCWE-22 8.1 High2023-09-26

This page lists every published CVE security advisory associated with OpenCart. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.