C

Cart2Quote RCE vulnerability

Remote Code Execution vulnerability in Ophirah/Qquoteadv (Cart2Quote) extension due to usage of a unserialize function in PHP when receiving this from a GET request.

The vulnerability can be used to remotely execute any PHP code, including full takeover or data compromise. Patch for the extension is available from the extension developers at https://cart2quote.zendesk.com/hc/en-us/articles/115000616303.

Cart2Quote RCE vulnerability
0 votes, 0.00 avg. rating (0% score)