The following advisory describes an account takeover vulnerability found in OpenCart (version 188.8.131.52). OpenCart is an open-source e-commerce platform written in PHP.
“Opencart is an easy to-use, powerful, Open Source online store management program that can manage multiple online stores from a single back-end.”
An independent security researcher, “Ayrx”, reported this vulnerability to Beyond Security’s SecuriTeam Secure Disclosure program.
The vendor had this response to our report:
“… another clown acting like james bond with a nonsense Vulnerability”
“james already told me it was bullshit so go ahead!”