Research: SQLi and Access Bypass in ShipRocket OpenCart module

I found two vulnerabilities in the ShipRocket OpenCart module.

One was an Access Bypass as a result of a logic error and type confusion in PHP.

This allows an unauthenticated attacker to access potentially sensitive information stored in the site's database.

Details: https://gist.github.com/mcdruid/0d1fdbba445587639ee5da66e7abfcc9

This was assigned CVE-2025-0580.

The other was SQLi - there were multiple vectors, but the most serious of these allows an unauthenticated attacker to access any and all content stored in the database.

Via the SQLi vulnerability it's possible to compromise the site by exfiltrating admin session details / credentials.

Details: https://gist.github.com/mcdruid/3c9fc9bd4e882cee21f8a37998f56fce

This was assigned CVE-2025-0579.