CVE-2025-1116 | Dreamvention Live AJAX Search Free up to 1.0.6 on OpenCart live_search.searchresults searchresults/search keyword sql injection

Inserito da Angelo Barbosa | Feb 7, 2025 | CVE

A vulnerability, which was classified as critical, has been found in Dreamvention Live AJAX Search Free up to 1.0.6 on OpenCart. Affected by this issue is the function searchresults/search of the file /?route=extension/live_search/module/live_search.searchresults. The manipulation of the argument keyword leads to sql injection.

This vulnerability is handled as CVE-2025-1116. The attack may be launched remotely. Furthermore, there is an exploit available.

CVE-2025-1116 | Dreamvention Live AJAX Search Free up to 1.0.6 on OpenCart live_search.searchresults searchresults/search keyword sql injection

Post correlati

CVE-2024-55541 | Acronis Cyber Protect 16 up to 39168 postMessage cross site scripting

CVE-2024-7920 | Anhui Deshun Intelligent Technology Jieshun JieLink+ JSOTC2016 up to 20240805 GetParkInThroughDeivces access control

CVE-2024-45547 | Qualcomm Snapdragon Compute FastConnect 6900 up to WSA8845 IOCTL Call buffer overflow

CVE-2025-23084 | Node.js on Windows Drive Name path traversal (Nessus ID 214404)