CVE-2025-0841: Aridius XYZ News loadMore deserialization
First published: Wed Jan 29 2025(Updated: )
A vulnerability has been found in Aridius XYZ up to 20240927 on OpenCart and classified as critical. This vulnerability affects the function loadMore of the component News. The manipulation leads to deserialization. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component.
Credit: cna@vuldb.com
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- collector/mitre-cve
- source/MITRE
- collector/nvd-api
- source/NVD
- agent/severity
- agent/weakness
- agent/title
- agent/last-modified-date
- agent/source
- agent/type
- agent/references
- agent/author
- agent/tags
- agent/description
- agent/first-publish-date
- agent/event