Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zen vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-0882
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp up to and including 1.3.0.2 jp8 and 1.5 ja up to and including 1.5.1 ja allow remote malicious users to inject arbitrary web script or HTML via a crafted parameter, related to...
Zen-cart Zen Cart 1.3.0.0
Zen-cart Zen Cart 1.3.0.1
Zen-cart Zen Cart 1.3.0.2
Zen-cart Zen Cart 1.5.0
Zen-cart Zen Cart 1.5.1
605
VMScore
CVE-2008-6877
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes ...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
605
VMScore
CVE-2008-6878
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and previous versions, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] par...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
668
VMScore
CVE-2004-2023
SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote malicious users to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Zen Cart Zen Cart 1.1.4
Zen Cart Zen Cart 1.1.2d
445
VMScore
CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote malicious users to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Zen-cart Zen Cart 1.3.8a
Zen-cart Zen Cart 1.3.8
312
VMScore
CVE-2014-7980
Multiple cross-site scripting (XSS) vulnerabilities in template.php in Zen theme 7.x-3.x prior to 7.x-3.3 and 7.x-5.x prior to 7.x-5.5 for Drupal allow remote authenticated users with the "administer themes" permission to inject arbitrary web script or HTML via the skip...
Drupal Zen 7.x-5.3
Drupal Zen 7.x-5.0
Drupal Zen 7.x-5.1
Drupal Zen 7.x-5.4
Drupal Zen 7.x-3.1
Drupal Zen 7.x-3.2
Drupal Zen 7.x-5.2
Drupal Zen 7.x-3.0
312
VMScore
CVE-2013-4275
Cross-site scripting (XSS) vulnerability in the zen_breadcrumb function in template.php in the Zen theme 6.x-1.x, 7.x-3.x prior to 7.x-3.2, and 7.x-5.x prior to 7.x-5.4 for Drupal allows remote authenticated users with the "administer themes" permission to inject arbitr...
Zen Project Zen
231
VMScore
CVE-2005-3997
Zen Cart 1.2.6d and previous versions, under certain PHP configurations, allows remote malicious users to obtain sensitive information via direct requests to files in the admin/includes directory, including (1) graphs/banner_daily.php, (2) graphs/banner_infobox.php, (3) graphs/ba...
Zen Cart Zen Cart
515
VMScore
CVE-2005-3996
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and previous versions allows remote malicious users to execute arbitrary SQL commands via the admin_email parameter.
Zen-cart Zen Cart
1 EDB exploit
668
VMScore
CVE-2006-4214
Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) GPC data to the ipn_get_stored_session function in ipn_main_handler.php, which can be leveraged to modify elements of $_SESSION;...
Zen Cart Zen Cart
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37884
CVE-2024-6003
remote
brute force
information disclosure
CVE-2024-27801
CVE-2024-30078
CVE-2024-31870
CVE-2024-6042
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »