Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
zen vulnerabilities and exploits
(subscribe to this query)
756
VMScore
CVE-2007-3597
Session fixation vulnerability in Zen Cart 1.3.7 and previous versions allows remote malicious users to hijack web sessions by setting the Cookie parameter.
Zen Cart Zen Cart
668
VMScore
CVE-2006-4214
Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and previous versions allow remote malicious users to execute arbitrary SQL commands via (1) GPC data to the ipn_get_stored_session function in ipn_main_handler.php, which can be leveraged to modify elements of $_SESSION;...
Zen Cart Zen Cart
445
VMScore
CVE-2009-4322
extras/ipn_test_return.php in Zen Cart allows remote malicious users to obtain sensitive information via a direct request, which reveals the installation path in an error message.
Zen-cart Zen Cart
668
VMScore
CVE-2009-4323
The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote malicious users to obtain sensitive information, delete the database, and conduct other attacks vi...
Zen-cart Zen Cart
668
VMScore
CVE-2004-2024
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows malicious users to gain administrative privileges via password_forgotten.php.
Zen Cart Zen Cart 1.1.4
668
VMScore
CVE-2004-2025
SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote malicious users to execute arbitrary SQL commands via the products_id parameter.
Zen Cart Zen Cart 1.1.3
1000
VMScore
CVE-2015-8352
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote malicious users to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
Zen-cart Zen Cart 1.5.4
1 EDB exploit
755
VMScore
CVE-2008-6615
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solel...
Zen-cart Zen Cart 2008
1 EDB exploit
435
VMScore
CVE-2008-6616
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote malicious users to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details ...
Zen-cart Zen Cart 2008
1 EDB exploit
383
VMScore
CVE-2017-10667
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
Zen-cart Zen Cart 1.6.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »