press x to close
I found multiple SQLi vulnerabilities in the Coinremitter OpenCart module.
The most serious of these allows an unauthenticated attacker to access any and all content stored in the database.
This potentially exposed credentials for a crypto currency wallet, as well as allowing full compromise of the site.
Details: https://gist.github.com/mcdruid/d4bdd8ffb8988bce9408c6bac40a15c5
This was assigned CVE-2025-1117
