Security Advisory
CVE-2020-20491
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
SQL injection vulnerability in OpenCart v.2.2.00 thru 3.0.3.2 allows a remote attacker to execute arbitrary code via the Fba plugin function in upload/admin/index.php.