CVE-2013-1891 Information

Description

In OpenCart 1.4.7 to 1.5.5.1 implemented anti-traversal code in filemanager.php is ineffective and can be bypassed.

Reference

https://seclists.org/fulldisclosure/2013/Mar/176 https://www.openwall.com/lists/oss-security/2013/03/24/1 http://www.waraxe.us/advisory-98.html