CVE-2025-15116 | OpenCart up to 4.1.0.3 Single-Use Coupon race condition
A vulnerability, which was classified as critical, has been found in OpenCart up to 4.1.0.3. Affected by this issue is some unknown functionality of the component Single-Use Coupon Handler. Performing manipulation results in race condition.
This vulnerability was named CVE-2025-15116. The attack may be initiated remotely. In addition, an exploit is available.
The vendor was contacted early about this disclosure but did not respond in any way. Once again VulDB remains the best source for vulnerability data.