CVE-2011-4403

Published: 24/04/2015 Updated: 27/04/2015
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
VMScore: 585
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P

Vulnerability Summary

Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote malicious users to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.

Vulnerable Product

zen-cart zen cart 1.3.9h

Exploits

source: www.securityfocus.com/bid/51968/info Zen Cart is prone to a cross-site request-forgery vulnerability. Exploiting this issue may allow a remote attacker to perform certain administrative actions and gain unauthorized access to the affected application. Other attacks are also possible. Zen Cart 1.3.9h is vulnerable; other versions m ...
Zen-Cart version 1.3.9h suffers from a cross-site request forgery vulnerability ...