Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zen-cart zen cart - vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2015-0882
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp up to and including 1.3.0.2 jp8 and 1.5 ja up to and including 1.5.1 ja allow remote malicious users to inject arbitrary web script or HTML via a crafted parameter, related to...
Zen-cart Zen Cart 1.5.0
Zen-cart Zen Cart 1.3.0.0
Zen-cart Zen Cart 1.3.0.1
Zen-cart Zen Cart 1.3.0.2
Zen-cart Zen Cart 1.5.1
NA
CVE-2004-2023
SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote malicious users to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Zen Cart Zen Cart 1.1.2d
Zen Cart Zen Cart 1.1.4
NA
CVE-2008-6877
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes ...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
NA
CVE-2008-6878
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and previous versions, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] par...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
NA
CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote malicious users to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Zen-cart Zen Cart 1.3.8a
Zen-cart Zen Cart 1.3.8
NA
CVE-2006-6868
Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart prior to 1.3.7 allow remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Zen Cart Web Shopping Cart 1.2.6d
Zen Cart Web Shopping Cart 1.2.7
Zen Cart Web Shopping Cart 1.3.5
Zen Cart Web Shopping Cart 1.3
Zen Cart Web Shopping Cart 1.3.2
Zen Cart Web Shopping Cart 1.1.2d
NA
CVE-2005-3996
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and previous versions allows remote malicious users to execute arbitrary SQL commands via the admin_email parameter.
Zen-cart Zen Cart
1 EDB exploit
NA
CVE-2005-3997
Zen Cart 1.2.6d and previous versions, under certain PHP configurations, allows remote malicious users to obtain sensitive information via direct requests to files in the admin/includes directory, including (1) graphs/banner_daily.php, (2) graphs/banner_infobox.php, (3) graphs/ba...
Zen Cart Zen Cart
NA
CVE-2009-4322
extras/ipn_test_return.php in Zen Cart allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Zen-cart Zen Cart
NA
CVE-2009-4323
The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote malicious users to obtain sensitive information, delete the database, and conduct other attacks vi...
Zen-cart Zen Cart
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »