Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zen-cart zen cart vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2015-0882
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp up to and including 1.3.0.2 jp8 and 1.5 ja up to and including 1.5.1 ja allow remote malicious users to inject arbitrary web script or HTML via a crafted parameter, related to...
Zen-cart Zen Cart 1.5.0
Zen-cart Zen Cart 1.3.0.0
Zen-cart Zen Cart 1.3.0.1
Zen-cart Zen Cart 1.3.0.2
Zen-cart Zen Cart 1.5.1
668
VMScore
CVE-2004-2023
SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote malicious users to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Zen Cart Zen Cart 1.1.2d
Zen Cart Zen Cart 1.1.4
605
VMScore
CVE-2008-6877
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes ...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
605
VMScore
CVE-2008-6878
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and previous versions, when .htaccess is not supported, allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] par...
Zen Cart Zen Cart 1.3.8
Zen Cart Zen Cart 1.3.8a
445
VMScore
CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote malicious users to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Zen-cart Zen Cart 1.3.8a
Zen-cart Zen Cart 1.3.8
668
VMScore
CVE-2006-4214
Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) GPC data to the ipn_get_stored_session function in ipn_main_handler.php, which can be leveraged to modify elements of $_SESSION;...
Zen Cart Zen Cart
515
VMScore
CVE-2006-4215
PHP remote file inclusion vulnerability in index.php in Zen Cart 1.3.0.2 and previous versions, when register_globals is enabled, allows remote malicious users to execute arbitrary PHP code via a URL in the autoLoadConfig[999][0][loadFile] parameter.
Zen Cart Zen Cart
1 EDB exploit
515
VMScore
CVE-2005-3996
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and previous versions allows remote malicious users to execute arbitrary SQL commands via the admin_email parameter.
Zen-cart Zen Cart
1 EDB exploit
231
VMScore
CVE-2005-3997
Zen Cart 1.2.6d and previous versions, under certain PHP configurations, allows remote malicious users to obtain sensitive information via direct requests to files in the admin/includes directory, including (1) graphs/banner_daily.php, (2) graphs/banner_infobox.php, (3) graphs/ba...
Zen Cart Zen Cart
756
VMScore
CVE-2007-3597
Session fixation vulnerability in Zen Cart 1.3.7 and previous versions allows remote malicious users to hijack web sessions by setting the Cookie parameter.
Zen Cart Zen Cart
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »