All the vulnerabilites related to zen-cart - zen_cart
Vulnerability from fkie_nvd
Published
2017-08-24 21:29
Modified
2024-11-21 02:38
Severity ?
Summary
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.4:*:*:*:*:*:*:*",
"matchCriteriaId": "C002B434-AB24-481C-88EB-009C348C1DC5",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php."
},
{
"lang": "es",
"value": "Una vulnerabilidad de salto de directorio en Zen Cart 1.5.4 permite que atacantes remotos incluyan y ejecuten archivos locales arbitrarios mediante un \"..\" (punto punto) en el par\u00e1metro act en ajax.php"
}
],
"id": "CVE-2015-8352",
"lastModified": "2024-11-21T02:38:21.000",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": true,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-08-24T21:29:00.223",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch",
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch",
"Technical Description",
"Third Party Advisory"
],
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Release Notes",
"Vendor Advisory"
],
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-22"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-14 23:30
Modified
2024-11-21 01:09
Severity ?
Summary
The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://www.zen-cart.com/forum/showthread.php?t=142784 | Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.zen-cart.com/forum/showthread.php?t=142784 | Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA0187F-0A11-45C5-B212-0FA5C46A113C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322."
},
{
"lang": "es",
"value": "La instalacion para Zen Cart almacena informacion sensible y progrmas inseguros bajo (1) docs, (2) extras, y (3) zc_install folders, y (4) install.txt, lo que permite a atacantes remotos obtener informacion sensible, borrar la base de datos, y dirigir otros ataques a traves de una peticion directa, una vulnerabilidad diferente de CVE-2009-4321 y CVE-2009-4322."
}
],
"id": "CVE-2009-4323",
"lastModified": "2024-11-21T01:09:22.093",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-14T23:30:00.297",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-04 22:55
Modified
2024-11-21 01:45
Severity ?
Summary
The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paypal | payments_pro | - | |
| zen-cart | zen_cart | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paypal:payments_pro:-:*:*:*:*:*:*:*",
"matchCriteriaId": "2C8BF4D1-0D5B-4404-92DC-8147192503B7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF15A43-77A4-48A6-9BFB-095AE21A5651",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805."
},
{
"lang": "es",
"value": "El m\u00f3dulo PayPal Payments Pro en Zen Cart no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido de su elecci\u00f3n. Relacionado con el uso de la funci\u00f3n PHP fsockopen, una vulnerabilidad diferente de CVE-2012-5805."
}
],
"id": "CVE-2012-5806",
"lastModified": "2024-11-21T01:45:16.137",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-04T22:55:04.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-03-19 04:15
Modified
2024-11-21 05:35
Severity ?
Summary
Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://herolab.usd.de/security-advisories/ | Third Party Advisory | |
| cve@mitre.org | https://herolab.usd.de/security-advisories/usd-2019-0069/ | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://herolab.usd.de/security-advisories/ | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://herolab.usd.de/security-advisories/usd-2019-0069/ | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "C43E0F2F-2B8D-417F-9B1C-2651D97D11BD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php."
},
{
"lang": "es",
"value": "Zen Cart versi\u00f3n 1.5.6d, permite un ataque de tipo XSS reflejado por medio del par\u00e1metro main_page en los archivos includes/templates/template_default/common/tpl_main_page.php o includes/templates/responsive_classic/common/tpl_main_page.php"
}
],
"id": "CVE-2020-6578",
"lastModified": "2024-11-21T05:35:59.960",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-03-19T04:15:13.187",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://herolab.usd.de/security-advisories/"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://herolab.usd.de/security-advisories/usd-2019-0069/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://herolab.usd.de/security-advisories/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://herolab.usd.de/security-advisories/usd-2019-0069/"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2021-01-26 18:16
Modified
2024-11-21 06:21
Severity ?
Summary
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| cve@mitre.org | https://github.com/MucahitSaratar/zencart_auth_rce_poc | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html | Exploit, Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/MucahitSaratar/zencart_auth_rce_poc | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.7b:*:*:*:*:*:*:*",
"matchCriteriaId": "6EEA2200-EBF5-4051-BBDE-A623FE4C1F76",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command."
},
{
"lang": "es",
"value": "Zen Cart versi\u00f3n 1.5.7b, permite a administradores ejecutar comandos arbitrarios del Sistema Operativo inspeccionando un elemento de entrada de radio HTML (dentro de la p\u00e1gina de edici\u00f3n de m\u00f3dulos) e insertando un comando"
}
],
"id": "CVE-2021-3291",
"lastModified": "2024-11-21T06:21:13.740",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 9.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2021-01-26T18:16:29.677",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory",
"VDB Entry"
],
"url": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-78"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-02-27 02:59
Modified
2024-11-21 02:23
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN44544694/281242/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | http://jvn.jp/en/jp/JVN44544694/index.html | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 | Third Party Advisory, VDB Entry | |
| vultures@jpcert.or.jp | https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN44544694/281242/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvn.jp/en/jp/JVN44544694/index.html | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 | Third Party Advisory, VDB Entry | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 | Third Party Advisory |
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.0:*:*:ja:*:*:*:*",
"matchCriteriaId": "0B81F392-DA8D-4FE7-AF6A-78D1D2B3757D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.1:*:*:ja:*:*:*:*",
"matchCriteriaId": "07C5929F-7078-45C7-8930-FBE4BF98303F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.2:*:*:ja:*:*:*:*",
"matchCriteriaId": "CE16A6BD-ADDA-449F-B219-8CF0AD86A58C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.0:*:*:ja:*:*:*:*",
"matchCriteriaId": "AB94A797-4105-4E32-8B53-5F39934562A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.1:*:*:ja:*:*:*:*",
"matchCriteriaId": "DFFF2AE6-7FED-4307-B0E6-3E78DCCBFE87",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de XSS en zencart-ja (tambi\u00e9n conocido como Zen Cart Japanese edition) 1.3 jp hasta 1.3.0.2 jp8 y 1.5 ja hasta 1.5.1 ja permiten a atacantes remotos inyectar secuencias de comandos web arbitrarios o HTML a trav\u00e9s de un par\u00e1metro manipulado, relacionado con admin/includes/init_includes/init_sanitize.php e includes/init_includes/init_sanitize.php."
}
],
"id": "CVE-2015-0882",
"lastModified": "2024-11-21T02:23:55.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-02-27T02:59:35.010",
"references": [
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN44544694/281242/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN44544694/index.html"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027"
},
{
"source": "vultures@jpcert.or.jp",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN44544694/281242/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvn.jp/en/jp/JVN44544694/index.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8"
}
],
"sourceIdentifier": "vultures@jpcert.or.jp",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-30 10:30
Modified
2024-11-21 01:04
Severity ?
Summary
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37FB73EA-495B-4C6C-99D2-E10F26AB7A78",
"versionEndIncluding": "1.3.8a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C929C74-3510-4A89-96CF-2109271008E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1E7B9-BE05-4F16-8A3C-F0E8B23FF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/."
},
{
"lang": "es",
"value": "Zen Cart v1.3.8a, v1.3.8 y anteriores no requiere autenticaci\u00f3n como administrador para el acceso a admin/record_company.php, lo que permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n subiendo un archivo php a trav\u00e9s del par\u00e1metro \"record_company_image\" junto con \"PATH_INFO\" de password_forgotten.php, y despu\u00e9s accediendo a este archivo a trav\u00e9s de una petici\u00f3n directa al fichero en images/."
}
],
"id": "CVE-2009-2255",
"lastModified": "2024-11-21T01:04:28.050",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-30T10:30:19.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35550"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/9004"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/55344"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35467"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51316"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/9004"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/55344"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35467"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51316"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-287"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-04 22:55
Modified
2024-11-21 01:45
Severity ?
Summary
The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| lincolnloop | authorize.net_echeck_module | - | |
| zen-cart | zen_cart | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:lincolnloop:authorize.net_echeck_module:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A2870E8A-2237-4303-B374-6D1B5E28B907",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF15A43-77A4-48A6-9BFB-095AE21A5651",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
},
{
"lang": "es",
"value": "El m\u00f3dulo Authorize.Net eCheck en Zen Cart no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido de su elecci\u00f3n."
}
],
"id": "CVE-2012-5807",
"lastModified": "2024-11-21T01:45:16.280",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-04T22:55:04.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-07-27 06:29
Modified
2024-11-21 03:08
Severity ?
Summary
The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.5e:*:*:*:*:*:*:*",
"matchCriteriaId": "E9FCB837-36FA-4D8F-8592-E4220A3E2AAD",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index."
},
{
"lang": "es",
"value": "La funci\u00f3n traverseStrictSanitize en el archivo admin_dir/includes/classes/AdminRequestSanitizer.php en ZenCart versi\u00f3n 1.5.5e, maneja inapropiadamente las cadenas de claves, permitiendo a los usuarios autenticados remotos ejecutar c\u00f3digo PHP arbitrario mediante la colocaci\u00f3n de ese c\u00f3digo en un \u00edndice de matriz no v\u00e1lido del par\u00e1metro matriz admin_name en el archivo admin_dir/login.php, si hay una exportaci\u00f3n de una entrada de registro de error para ese \u00edndice de matriz no v\u00e1lido."
}
],
"id": "CVE-2017-11675",
"lastModified": "2024-11-21T03:08:17.023",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-07-27T06:29:00.287",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-94"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2015-04-24 14:59
Modified
2024-11-21 01:32
Severity ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.9h:*:*:*:*:*:*:*",
"matchCriteriaId": "86212B90-BBB6-41F1-A6D1-1FCDD9799E26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de CSRF en Zen Cart 1.3.9h permiten a atacantes remotos secuestrar la autenticaci\u00f3n de administradores para solicitudes que (1) eliminan un producto a trav\u00e9s de una acci\u00f3n delete_product_confirm en product.php o (2) deshabilitan un producto a trav\u00e9s de una acci\u00f3n setflag en categories.php."
}
],
"evaluatorComment": "Per the \u003ca href=\"http://seclists.org/fulldisclosure/2012/Feb/171\"\u003eadvisory\u003c/a\u003e: \"By submitting this form from any location an attacker can cause the\nadministrator to delete / disable products from his store.\" Only integrity and availability are affected.",
"id": "CVE-2011-4403",
"lastModified": "2024-11-21T01:32:20.487",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2015-04-24T14:59:00.077",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/79137"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2012/Feb/171"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/79137"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://seclists.org/fulldisclosure/2012/Feb/171"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-352"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-14 23:30
Modified
2024-11-21 01:09
Severity ?
Summary
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B91E4C9-31A7-4CA6-8641-F0D4AEA543BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information."
},
{
"lang": "es",
"value": "extras/curltest.php en Zen Cart v1.3.8 y v1.3.8a, y posiblemente otras versiones, permite a atacantes remotos leer ficheros arbitrarios a trav\u00e9s de un fichero file:// URI. NOTA: Algunos de los detalles fueron obtenidos de terceras partes."
}
],
"id": "CVE-2009-4321",
"lastModified": "2024-11-21T01:09:21.843",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-14T23:30:00.250",
"references": [
{
"source": "cve@mitre.org",
"url": "http://osvdb.org/60892"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37630"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/37283"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3474"
},
{
"source": "cve@mitre.org",
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54687"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://osvdb.org/60892"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/37630"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/37283"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2009/3474"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54687"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-04 22:55
Modified
2024-11-21 01:45
Severity ?
Summary
The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:firstdata:linkpoint:-:*:*:*:*:*:*:*",
"matchCriteriaId": "A07DB4AA-985B-4778-BE30-4D20DC68E005",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF15A43-77A4-48A6-9BFB-095AE21A5651",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
},
{
"lang": "es",
"value": "El m\u00f3dulo LinkPoint en Zen Cart no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido de su elecci\u00f3n."
}
],
"id": "CVE-2012-5808",
"lastModified": "2024-11-21T01:45:16.430",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-04T22:55:04.310",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-06-29 00:29
Modified
2024-11-21 03:06
Severity ?
Summary
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/zencart/zencart/issues/1443 | Issue Tracking, Third Party Advisory | |
| cve@mitre.org | https://github.com/zhonghaozhao/zencart/issues/1 | Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zencart/zencart/issues/1443 | Issue Tracking, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zhonghaozhao/zencart/issues/1 | Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06A476EF-01B0-4A75-BAFE-944B37B48F9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS."
},
{
"lang": "es",
"value": "En index.php en Zen Cart 1.6.0, el par\u00e1metro products_id puede provocar Cross-Site Scripting (XSS). RSA Via Lifecycle and Governance versi\u00f3n 7.0, en todos los niveles de parches y RSA Identity Management and Governance (RSA IMG) versiones 6.9.1, en todos los niveles de parches, permiten que un administrador de aplicaci\u00f3n suba archivos arbitrarios que podr\u00edan contener c\u00f3digo malicioso. El archivo malicioso podr\u00eda ejecutarse en el sistema afectado con los privilegios del usuario que est\u00e1 ejecutando la aplicaci\u00f3n."
}
],
"id": "CVE-2017-10667",
"lastModified": "2024-11-21T03:06:15.260",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-06-29T00:29:00.263",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/zencart/zencart/issues/1443"
},
{
"source": "cve@mitre.org",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/zhonghaozhao/zencart/issues/1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Issue Tracking",
"Third Party Advisory"
],
"url": "https://github.com/zencart/zencart/issues/1443"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
],
"url": "https://github.com/zhonghaozhao/zencart/issues/1"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-19 05:24
Modified
2024-11-21 00:57
Severity ?
Summary
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zen-cart | zen_cart | 1.2.0d | |
| zen-cart | zen_cart | 1.2.1_patch1 | |
| zen-cart | zen_cart | 1.2.1d | |
| zen-cart | zen_cart | 1.2.2d | |
| zen-cart | zen_cart | 1.2.3d | |
| zen-cart | zen_cart | 1.2.4.1 | |
| zen-cart | zen_cart | 1.2.4d | |
| zen-cart | zen_cart | 1.2.5d | |
| zen-cart | zen_cart | 1.2.6d | |
| zen-cart | zen_cart | 1.3 | |
| zen-cart | zen_cart | 1.3.2 | |
| zen-cart | zen_cart | 1.3.5 | |
| zen-cart | zen_cart | 1.3.6 | |
| zen-cart | zen_cart | 1.3.7 | |
| zen-cart | zen_cart | 1.3.8 | |
| zen-cart | zen_cart | 1.3.8a |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1_patch1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6F7573-2BED-4035-88A3-88D4EDE39CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.2d:*:*:*:*:*:*:*",
"matchCriteriaId": "62FF3EA3-FF9F-4E21-B485-C570DB62E0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.3d:*:*:*:*:*:*:*",
"matchCriteriaId": "271B7AA0-13C1-409A-A6CA-9532757B864B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD3CD1F-4BE7-436B-A0BE-2F96162AD76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A866A952-5EE5-4B11-826E-123B19A98D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "BE17BAE0-11F8-4BCB-AE63-9482F17083A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB406101-000B-4787-9EA8-3FF35CFFE23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4616B2FA-266F-4D69-A04A-657EF731B0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6A2F06-753F-41A6-84E5-7F1AE340265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B91E4C9-31A7-4CA6-8641-F0D4AEA543BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart."
},
{
"lang": "es",
"value": "M\u00faltiples vulnerabilidades de inyecci\u00f3n SQL en includes/classes/shopping_cart.php en Zen Cart v1.2.0 a v1.3.8a, cuando magic_quotes_gpc est\u00e1 desactivado, permiten a atacantes remotos ejecutar comandos SQL a trav\u00e9s del par\u00e1metro ID cuando (1) se a\u00f1ade algo o (2) se actualiza el carrito de la compra."
}
],
"id": "CVE-2008-6985",
"lastModified": "2024-11-21T00:57:58.830",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-19T05:24:52.453",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31758"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/48346"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44917"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/48346"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44917"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2006-02-15 11:06
Modified
2024-11-21 00:07
Severity ?
Summary
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2B085E-8101-425A-A186-3DC81FD3AF66",
"versionEndIncluding": "1.2.6d",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C929C74-3510-4A89-96CF-2109271008E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1E7B9-BE05-4F16-8A3C-F0E8B23FF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "36122EF6-499E-4F19-83EF-EA4961A8CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.2d:*:*:*:*:*:*:*",
"matchCriteriaId": "62FF3EA3-FF9F-4E21-B485-C570DB62E0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.3d:*:*:*:*:*:*:*",
"matchCriteriaId": "271B7AA0-13C1-409A-A6CA-9532757B864B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD3CD1F-4BE7-436B-A0BE-2F96162AD76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A866A952-5EE5-4B11-826E-123B19A98D9D",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests."
}
],
"id": "CVE-2006-0697",
"lastModified": "2024-11-21T00:07:07.560",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "COMPLETE",
"baseScore": 10.0,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:N/AC:L/Au:N/C:C/I:C/A:C",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 10.0,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2006-02-15T11:06:00.000",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18801"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=392886"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2006/0546"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/18801"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=392886"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2006/0546"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-264"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 18:30
Modified
2024-11-21 00:57
Severity ?
Summary
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "969D134E-DED8-43F8-B582-F95BE4A9C81A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en index.php en Zen Software Zen Cart 2008 permite a atacantes remotos ejecutar comandos SQL de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"keyword\" en la p\u00e1gina advanced_search_result.\r\nNOTA: la procedencia de esta informaci\u00f3n es desconocida; los detalles han sido obtenidos solamente a partir de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-6615",
"lastModified": "2024-11-21T00:57:00.133",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-04-06T18:30:00.203",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42161"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2017-05-08 06:29
Modified
2024-11-21 03:34
Severity ?
Summary
Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."
References
| ▼ | URL | Tags | |
|---|---|---|---|
| cve@mitre.org | https://github.com/zencart/zencart/issues/1431 | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://github.com/zencart/zencart/issues/1431 | Exploit, Third Party Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.6.0:*:*:*:*:*:*:*",
"matchCriteriaId": "06A476EF-01B0-4A75-BAFE-944B37B48F9E",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor\u0027s README.md file offers a link to v160.zip with a description of \"Download latest in-development version from github.\""
},
{
"lang": "es",
"value": "Zen Cart 1.6.0 tiene una vulnerabilidad de tipo XSS en el par\u00e1metro main_page a index.php. NOTA: 1.6.0 no es una versi\u00f3n oficial, pero el archivo README.md del proveedor ofrece un enlace a v160.zip con una descripci\u00f3n de \"Descargar la \u00faltima versi\u00f3n en desarrollo de github\"."
}
],
"id": "CVE-2017-8833",
"lastModified": "2024-11-21T03:34:47.700",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.0"
},
"exploitabilityScore": 2.8,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2017-05-08T06:29:00.347",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zencart/zencart/issues/1431"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://github.com/zencart/zencart/issues/1431"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2024-08-21 17:15
Modified
2024-08-23 16:43
Severity ?
Summary
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-21408.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| zdi-disclosures@trendmicro.com | https://docs.zen-cart.com/release/whatsnew_2.0.0 | Release Notes | |
| zdi-disclosures@trendmicro.com | https://www.zerodayinitiative.com/advisories/ZDI-24-883/ | Third Party Advisory, VDB Entry |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.5.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "6578B396-8063-4E7E-8B7E-F8A7A495D92F",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-21408."
},
{
"lang": "es",
"value": "Zen Cart findPluginAdminPage Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de inclusi\u00f3n de archivos locales. Esta vulnerabilidad permite a atacantes remotos ejecutar c\u00f3digo arbitrario en las instalaciones afectadas de Zen Cart. No se requiere autenticaci\u00f3n para aprovechar esta vulnerabilidad. La falla espec\u00edfica existe dentro de la funci\u00f3n findPluginAdminPage. El problema se debe a la falta de validaci\u00f3n adecuada de los datos proporcionados por el usuario antes de pasarlos a una funci\u00f3n de inclusi\u00f3n de PHP. Un atacante puede aprovechar esto junto con otras vulnerabilidades para ejecutar c\u00f3digo arbitrario en el contexto de la cuenta de servicio. Era ZDI-CAN-21408."
}
],
"id": "CVE-2024-5762",
"lastModified": "2024-08-23T16:43:19.497",
"metrics": {
"cvssMetricV30": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.2,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-08-21T17:15:08.810",
"references": [
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Release Notes"
],
"url": "https://docs.zen-cart.com/release/whatsnew_2.0.0"
},
{
"source": "zdi-disclosures@trendmicro.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-883/"
}
],
"sourceIdentifier": "zdi-disclosures@trendmicro.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-98"
}
],
"source": "zdi-disclosures@trendmicro.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "CWE-829"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-05-27 19:55
Modified
2024-11-21 01:36
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zen-cart | zen_cart | * | |
| zen-cart | zen_cart | * | |
| zen-cart | zen_cart | 1.1.0 | |
| zen-cart | zen_cart | 1.1.3 | |
| zen-cart | zen_cart | 1.2.0d | |
| zen-cart | zen_cart | 1.2.1 | |
| zen-cart | zen_cart | 1.2.1_patch1 | |
| zen-cart | zen_cart | 1.2.1d | |
| zen-cart | zen_cart | 1.2.2d | |
| zen-cart | zen_cart | 1.2.3d | |
| zen-cart | zen_cart | 1.2.4.1 | |
| zen-cart | zen_cart | 1.2.4d | |
| zen-cart | zen_cart | 1.2.5d | |
| zen-cart | zen_cart | 1.2.6d | |
| zen-cart | zen_cart | 1.3 | |
| zen-cart | zen_cart | 1.3.0.2 | |
| zen-cart | zen_cart | 1.3.2 | |
| zen-cart | zen_cart | 1.3.5 | |
| zen-cart | zen_cart | 1.3.6 | |
| zen-cart | zen_cart | 1.3.7 | |
| zen-cart | zen_cart | 1.3.8 | |
| zen-cart | zen_cart | 1.3.8a | |
| zen-cart | zen_cart | 1.3.9 | |
| zen-cart | zen_cart | 1.3.9h | |
| zen-cart | zen_cart | 2008 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA0187F-0A11-45C5-B212-0FA5C46A113C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "1732F0B2-90F7-4786-A43E-7BF747FA9D80",
"versionEndIncluding": "1.5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C929C74-3510-4A89-96CF-2109271008E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1E7B9-BE05-4F16-8A3C-F0E8B23FF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "36122EF6-499E-4F19-83EF-EA4961A8CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1_patch1:*:*:*:*:*:*:*",
"matchCriteriaId": "0B6F7573-2BED-4035-88A3-88D4EDE39CA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.2d:*:*:*:*:*:*:*",
"matchCriteriaId": "62FF3EA3-FF9F-4E21-B485-C570DB62E0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.3d:*:*:*:*:*:*:*",
"matchCriteriaId": "271B7AA0-13C1-409A-A6CA-9532757B864B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD3CD1F-4BE7-436B-A0BE-2F96162AD76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A866A952-5EE5-4B11-826E-123B19A98D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "BE17BAE0-11F8-4BCB-AE63-9482F17083A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB406101-000B-4787-9EA8-3FF35CFFE23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12EF0BC7-0F38-454B-9864-E740E931FF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4616B2FA-266F-4D69-A04A-657EF731B0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6A2F06-753F-41A6-84E5-7F1AE340265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B91E4C9-31A7-4CA6-8641-F0D4AEA543BE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.9:*:*:*:*:*:*:*",
"matchCriteriaId": "830D28DE-9200-42A1-858C-ECAB0A09C22D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.9h:*:*:*:*:*:*:*",
"matchCriteriaId": "86212B90-BBB6-41F1-A6D1-1FCDD9799E26",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "969D134E-DED8-43F8-B582-F95BE4A9C81A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php."
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en zc_install/includes/modules/pages/database_setup/header_php.php en Zen Cart 1.5.0 y anteriores cuando el software est\u00e1 siendo instalado, permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro de db_username zc_install / index.php."
}
],
"id": "CVE-2012-1413",
"lastModified": "2024-11-21T01:36:55.660",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "LOW",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 2.6,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2012-05-27T19:55:01.047",
"references": [
{
"source": "cve@mitre.org",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-08-19 05:24
Modified
2024-11-21 00:57
Severity ?
Summary
SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB406101-000B-4787-9EA8-3FF35CFFE23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12EF0BC7-0F38-454B-9864-E740E931FF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4616B2FA-266F-4D69-A04A-657EF731B0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6A2F06-753F-41A6-84E5-7F1AE340265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B91E4C9-31A7-4CA6-8641-F0D4AEA543BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985."
},
{
"lang": "es",
"value": "Vulnerabilidad de inyecci\u00f3n SQL en la funci\u00f3n actionMultipleAddProduct en includes/classes/shopping_cart.php en Zen Cartv v1.3.0 hasta v1.3.8a, cuando magic_quotes_gpc es desactivada, permite a atacantes remotos ejecutar comandos SQL a su elecci\u00f3n a trav\u00e9s del par\u00e1metro products_id en una acci\u00f3n multiple_products_add_product, una vulnerabilidad diferente a CVE-2008-6985."
}
],
"id": "CVE-2008-6986",
"lastModified": "2024-11-21T00:57:59.010",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-08-19T05:24:52.467",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31758"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/48347"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/31758"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/48347"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-06-30 10:30
Modified
2024-11-21 01:04
Severity ?
Summary
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a "SQL Execution" issue.
References
Impacted products
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "37FB73EA-495B-4C6C-99D2-E10F26AB7A78",
"versionEndIncluding": "1.3.8a",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C929C74-3510-4A89-96CF-2109271008E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1E7B9-BE05-4F16-8A3C-F0E8B23FF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a \"SQL Execution\" issue."
},
{
"lang": "es",
"value": "Zen Cart v1.3.8a, v1.3.8 y anteriores no solicita una autenticaci\u00f3n administrativa para admin/sqlpatch.php, lo que permite a atacantes remotos ejecutar comandos SQL arbitrarios a trav\u00e9s del par\u00e1metro \"query_string\" en una ejecuci\u00f3n, en conjunci\u00f3n con un PATH_INFO de password_forgotten.php, relacionado con el caso \"ejecuci\u00f3n SQL\"."
}
],
"id": "CVE-2009-2254",
"lastModified": "2024-11-21T01:04:27.920",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "HIGH",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-06-30T10:30:11.687",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35550"
},
{
"source": "cve@mitre.org",
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"source": "cve@mitre.org",
"url": "http://www.osvdb.org/55343"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35468"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/35550"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.osvdb.org/55343"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Patch"
],
"url": "http://www.securityfocus.com/bid/35468"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-29 00:55
Modified
2024-11-21 01:32
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| zen-cart | zen_cart | * | |
| zen-cart | zen_cart | 1.1.0 | |
| zen-cart | zen_cart | 1.1.3 | |
| zen-cart | zen_cart | 1.2.0d | |
| zen-cart | zen_cart | 1.2.1 | |
| zen-cart | zen_cart | 1.2.1d | |
| zen-cart | zen_cart | 1.2.2d | |
| zen-cart | zen_cart | 1.2.3d | |
| zen-cart | zen_cart | 1.2.4.1 | |
| zen-cart | zen_cart | 1.2.4d | |
| zen-cart | zen_cart | 1.2.5d | |
| zen-cart | zen_cart | 1.2.6d | |
| zen-cart | zen_cart | 1.3 | |
| zen-cart | zen_cart | 1.3.0.2 | |
| zen-cart | zen_cart | 1.3.2 | |
| zen-cart | zen_cart | 1.3.5 | |
| zen-cart | zen_cart | 1.3.6 | |
| zen-cart | zen_cart | 1.3.7 | |
| zen-cart | zen_cart | 1.3.8 | |
| zen-cart | zen_cart | 1.3.8a |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "EFF6C231-B0CD-4668-9E9D-4E4B0DFF8D09",
"versionEndIncluding": "1.3.9",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "8C929C74-3510-4A89-96CF-2109271008E6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "B3D1E7B9-BE05-4F16-8A3C-F0E8B23FF585",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.0d:*:*:*:*:*:*:*",
"matchCriteriaId": "C27DEB51-7745-4B5A-9E23-5491526E857E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1:patch1:*:*:*:*:*:*",
"matchCriteriaId": "36122EF6-499E-4F19-83EF-EA4961A8CF0B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.1d:*:*:*:*:*:*:*",
"matchCriteriaId": "96BA0248-CF20-4DF4-AF6B-4E9CACE8109B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.2d:*:*:*:*:*:*:*",
"matchCriteriaId": "62FF3EA3-FF9F-4E21-B485-C570DB62E0F0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.3d:*:*:*:*:*:*:*",
"matchCriteriaId": "271B7AA0-13C1-409A-A6CA-9532757B864B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4.1:*:*:*:*:*:*:*",
"matchCriteriaId": "3FD3CD1F-4BE7-436B-A0BE-2F96162AD76B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.4d:*:*:*:*:*:*:*",
"matchCriteriaId": "82CED1DF-15F5-47A2-9C70-F276B466167E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.5d:*:*:*:*:*:*:*",
"matchCriteriaId": "A866A952-5EE5-4B11-826E-123B19A98D9D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.2.6d:*:*:*:*:*:*:*",
"matchCriteriaId": "BE17BAE0-11F8-4BCB-AE63-9482F17083A8",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3:*:*:*:*:*:*:*",
"matchCriteriaId": "AB406101-000B-4787-9EA8-3FF35CFFE23A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.0.2:*:*:*:*:*:*:*",
"matchCriteriaId": "12EF0BC7-0F38-454B-9864-E740E931FF65",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.2:*:*:*:*:*:*:*",
"matchCriteriaId": "4616B2FA-266F-4D69-A04A-657EF731B0D1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.5:*:*:*:*:*:*:*",
"matchCriteriaId": "0A6A2F06-753F-41A6-84E5-7F1AE340265E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.6:*:*:*:*:*:*:*",
"matchCriteriaId": "BDB743EA-A17B-406C-81CE-64A52FBB5966",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.7:*:*:*:*:*:*:*",
"matchCriteriaId": "1BE00024-0295-43BE-8123-56526197B58E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8:*:*:*:*:*:*:*",
"matchCriteriaId": "AE050A6F-DF2A-47E8-8188-59BC00C11E70",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.8a:*:*:*:*:*:*:*",
"matchCriteriaId": "8B91E4C9-31A7-4CA6-8641-F0D4AEA543BE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547."
},
{
"lang": "es",
"value": "Una vulnerabilidad de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en en includes/templates/template_default/templates/tpl_gv_send_default.php en Zen Cart antes de v1.5 permite a atacantes remotos inyectar secuencias de comandos web o HTML a trav\u00e9s del par\u00e1metro del mensaje en una acci\u00f3n gv_send a index.php. Se trata de una vulnerabilidad diferente a CVE-2011 hasta 4.547."
}
],
"id": "CVE-2011-4567",
"lastModified": "2024-11-21T01:32:33.793",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-11-29T00:55:01.797",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/50787"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2005-12-05 00:03
Modified
2024-11-21 00:03
Severity ?
Summary
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "DA2B085E-8101-425A-A186-3DC81FD3AF66",
"versionEndIncluding": "1.2.6d",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter."
}
],
"id": "CVE-2005-3996",
"lastModified": "2024-11-21T00:03:14.637",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 4.9,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": true,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2005-12-05T00:03:00.000",
"references": [
{
"source": "cve@mitre.org",
"url": "http://rgod.altervista.org/zencart_126d_xpl.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17869"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1015306"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.osvdb.org/21411"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/418517/100/0/threaded"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/418995/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15690"
},
{
"source": "cve@mitre.org",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2728"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://rgod.altervista.org/zencart_126d_xpl.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://secunia.com/advisories/17869"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1015306"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.osvdb.org/21411"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/418517/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/418995/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/15690"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
],
"url": "http://www.vupen.com/english/advisories/2005/2728"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23510"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-89"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2011-11-29 00:55
Modified
2024-11-21 01:32
Severity ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:1.3.9h:*:*:*:*:*:*:*",
"matchCriteriaId": "86212B90-BBB6-41F1-A6D1-1FCDD9799E26",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567."
},
{
"lang": "es",
"value": "Multiples vulnerabilidades de ejecuci\u00f3n de comandos en sitios cruzados (XSS) en includes/templates/template_default/common/tpl_header_test_info.php en Zen Cart v1.3.9h, cuando est\u00e9 habilitada la depuraci\u00f3n, podr\u00eda permitir a atacantes remotos inyectar HTML o secuencias de comandos HTML a trav\u00e9s de (1) el par\u00e1metro Main_Page o (2) la variable PATH_INFO. Se trata de una vulnerabilidad diferente a CVE-2011-4567."
}
],
"id": "CVE-2011-4547",
"lastModified": "2024-11-21T01:32:31.367",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2011-11-29T00:55:01.657",
"references": [
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/bid/50787"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-9.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/bid/50787"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-9.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2012-11-04 22:55
Modified
2024-11-21 01:45
Severity ?
Summary
The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| paypal | instant_payment_notification | - | |
| zen-cart | zen_cart | - |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:paypal:instant_payment_notification:-:*:*:*:*:*:*:*",
"matchCriteriaId": "389AA769-4986-4889-926D-B44B1AEC9D12",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:-:*:*:*:*:*:*:*",
"matchCriteriaId": "ABF15A43-77A4-48A6-9BFB-095AE21A5651",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806."
},
{
"lang": "es",
"value": "La funcionalidad PayPal IPN en Zen Cart no comprueba si el nombre del servidor coincide con un nombre de dominio en el Common Name (CN) del asunto o el campo subjectAltName del certificado X.509, lo que permite a atacantes man-in-the-middle falsificar servidores SSL a trav\u00e9s de un certificado v\u00e1lido de su elecci\u00f3n, una vulnerabilidad diferente de CVE-2012-5806."
}
],
"id": "CVE-2012-5805",
"lastModified": "2024-11-21T01:45:15.990",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2012-11-04T22:55:04.200",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-20"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-04-06 18:30
Modified
2024-11-21 00:57
Severity ?
Summary
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:2008:*:*:*:*:*:*:*",
"matchCriteriaId": "969D134E-DED8-43F8-B582-F95BE4A9C81A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
},
{
"lang": "es",
"value": "Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en index.php en Zen Software Zen Cart 2008 permite a atacantes remotos inyectar web script o HTML de su elecci\u00f3n a trav\u00e9s del par\u00e1metro \"keyword\" en la p\u00e1gina advanced_search_result.\r\nNOTA: la procedencia de esta informaci\u00f3n es desconocida; los detalles han sido obtenidos solamente a partir de la informaci\u00f3n de terceros."
}
],
"id": "CVE-2008-6616",
"lastModified": "2024-11-21T00:57:00.300",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
]
},
"published": "2009-04-06T18:30:00.233",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"source": "cve@mitre.org",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42162"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42162"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-79"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
Vulnerability from fkie_nvd
Published
2009-12-14 23:30
Modified
2024-11-21 01:09
Severity ?
Summary
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:zen-cart:zen_cart:*:*:*:*:*:*:*:*",
"matchCriteriaId": "BAA0187F-0A11-45C5-B212-0FA5C46A113C",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."
},
{
"lang": "es",
"value": "extras/ipn_test_return.php in Zen Cart permite a atacantes remotos obtener informaci\u00f3n sensible a trav\u00e9s de una petici\u00f3n, lo que permite descubrir la ruta de instalaci\u00f3n en un mensaje de error."
}
],
"id": "CVE-2009-4322",
"lastModified": "2024-11-21T01:09:21.970",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "NONE",
"baseScore": 5.0,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 2.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-14T23:30:00.280",
"references": [
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"source": "cve@mitre.org",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"source": "cve@mitre.org",
"tags": [
"Exploit"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-200"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
cve-2008-6985
Vulnerability from cvelistv5
Published
2009-08-18 10:00
Modified
2024-08-07 11:49
Severity ?
EPSS score ?
Summary
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/496002/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/44917 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/archive/1/496032/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.zen-cart.com/forum/showthread.php?p=604473 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/31758 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/31023 | vdb-entry, x_refsource_BID | |
| http://www.gulftech.org/?node=research&article_id=00129-09042008 | x_refsource_MISC | |
| http://www.osvdb.org/48346 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.486Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "zencart-shoppingcart-sql-injection(44917)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44917"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"name": "48346",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/48346"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "zencart-shoppingcart-sql-injection(44917)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44917"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"name": "48346",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/48346"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6985",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "zencart-shoppingcart-sql-injection(44917)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/44917"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?p=604473",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
},
{
"name": "48346",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/48346"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6985",
"datePublished": "2009-08-18T10:00:00",
"dateReserved": "2009-08-17T00:00:00",
"dateUpdated": "2024-08-07T11:49:02.486Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4547
Vulnerability from cvelistv5
Published
2011-11-29 00:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/71519 | vdb-entry, x_refsource_XF | |
| https://www.dognaedis.com/vulns/DGS-SEC-9.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/50787 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.885Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "zencart-multipleparameters-xss(71519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-9.html"
},
{
"name": "50787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "zencart-multipleparameters-xss(71519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-9.html"
},
{
"name": "50787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50787"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4547",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "zencart-multipleparameters-xss(71519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"name": "https://www.dognaedis.com/vulns/DGS-SEC-9.html",
"refsource": "MISC",
"url": "https://www.dognaedis.com/vulns/DGS-SEC-9.html"
},
{
"name": "50787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50787"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4547",
"datePublished": "2011-11-29T00:00:00",
"dateReserved": "2011-11-23T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.885Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5807
Vulnerability from cvelistv5
Published
2012-11-04 22:00
Modified
2024-09-16 22:03
Severity ?
EPSS score ?
Summary
The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.468Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-04T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5807",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The Authorize.Net eCheck module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5807",
"datePublished": "2012-11-04T22:00:00Z",
"dateReserved": "2012-11-04T00:00:00Z",
"dateUpdated": "2024-09-16T22:03:07.105Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6615
Vulnerability from cvelistv5
Published
2009-04-06 18:00
Modified
2024-08-07 11:34
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/29020 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42161 | vdb-entry, x_refsource_XF | |
| http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:34:47.159Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "29020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"name": "zencart-index-sql-injection(42161)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42161"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "29020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"name": "zencart-index-sql-injection(42161)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42161"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6615",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "29020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29020"
},
{
"name": "zencart-index-sql-injection(42161)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42161"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6615",
"datePublished": "2009-04-06T18:00:00",
"dateReserved": "2009-04-06T00:00:00",
"dateUpdated": "2024-08-07T11:34:47.159Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4403
Vulnerability from cvelistv5
Published
2015-04-24 14:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.
References
| ▼ | URL | Tags |
|---|---|---|
| http://seclists.org/fulldisclosure/2012/Feb/171 | mailing-list, x_refsource_FULLDISC | |
| http://osvdb.org/79137 | vdb-entry, x_refsource_OSVDB |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.528Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20120210 Zen-Cart Admin CSRF/XSRF - Delete / Disable Products | UPS-2011-0018 | CVE-2011-4403",
"tags": [
"mailing-list",
"x_refsource_FULLDISC",
"x_transferred"
],
"url": "http://seclists.org/fulldisclosure/2012/Feb/171"
},
{
"name": "79137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/79137"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2012-02-10T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-04-24T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20120210 Zen-Cart Admin CSRF/XSRF - Delete / Disable Products | UPS-2011-0018 | CVE-2011-4403",
"tags": [
"mailing-list",
"x_refsource_FULLDISC"
],
"url": "http://seclists.org/fulldisclosure/2012/Feb/171"
},
{
"name": "79137",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/79137"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4403",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20120210 Zen-Cart Admin CSRF/XSRF - Delete / Disable Products | UPS-2011-0018 | CVE-2011-4403",
"refsource": "FULLDISC",
"url": "http://seclists.org/fulldisclosure/2012/Feb/171"
},
{
"name": "79137",
"refsource": "OSVDB",
"url": "http://osvdb.org/79137"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4403",
"datePublished": "2015-04-24T14:00:00",
"dateReserved": "2011-11-04T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.528Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2006-0697
Vulnerability from cvelistv5
Published
2006-02-15 11:00
Modified
2024-08-07 16:41
Severity ?
EPSS score ?
Summary
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2006/0546 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/18801 | third-party-advisory, x_refsource_SECUNIA | |
| http://sourceforge.net/project/shownotes.php?release_id=392886 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T16:41:29.242Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2006-0546",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2006/0546"
},
{
"name": "18801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/18801"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=392886"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2006-02-13T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-02-26T10:00:00",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2006-0546",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2006/0546"
},
{
"name": "18801",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/18801"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://sourceforge.net/project/shownotes.php?release_id=392886"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2006-0697",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2006-0546",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2006/0546"
},
{
"name": "18801",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/18801"
},
{
"name": "http://sourceforge.net/project/shownotes.php?release_id=392886",
"refsource": "CONFIRM",
"url": "http://sourceforge.net/project/shownotes.php?release_id=392886"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2006-0697",
"datePublished": "2006-02-15T11:00:00",
"dateReserved": "2006-02-15T00:00:00",
"dateUpdated": "2024-08-07T16:41:29.242Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5806
Vulnerability from cvelistv5
Published
2012-11-04 22:00
Modified
2024-09-16 20:17
Severity ?
EPSS score ?
Summary
The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.573Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-04T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5806",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PayPal Payments Pro module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, related to use of the PHP fsockopen function, a different vulnerability than CVE-2012-5805."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5806",
"datePublished": "2012-11-04T22:00:00Z",
"dateReserved": "2012-11-04T00:00:00Z",
"dateUpdated": "2024-09-16T20:17:39.680Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2011-4567
Vulnerability from cvelistv5
Published
2011-11-29 00:00
Modified
2024-08-07 00:09
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/71519 | vdb-entry, x_refsource_XF | |
| https://www.dognaedis.com/vulns/DGS-SEC-8.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/50787 | vdb-entry, x_refsource_BID |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T00:09:18.960Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "zencart-multipleparameters-xss(71519)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
},
{
"name": "50787",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/50787"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2011-11-22T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-28T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "zencart-multipleparameters-xss(71519)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
},
{
"name": "50787",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/50787"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2011-4567",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "zencart-multipleparameters-xss(71519)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/71519"
},
{
"name": "https://www.dognaedis.com/vulns/DGS-SEC-8.html",
"refsource": "MISC",
"url": "https://www.dognaedis.com/vulns/DGS-SEC-8.html"
},
{
"name": "50787",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/50787"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2011-4567",
"datePublished": "2011-11-29T00:00:00",
"dateReserved": "2011-11-28T00:00:00",
"dateUpdated": "2024-08-07T00:09:18.960Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2021-3291
Vulnerability from cvelistv5
Published
2021-01-26 06:47
Modified
2024-08-03 16:53
Severity ?
EPSS score ?
Summary
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/MucahitSaratar/zencart_auth_rce_poc | x_refsource_MISC | |
| http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T16:53:17.248Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-02T17:06:27",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2021-3291",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/MucahitSaratar/zencart_auth_rce_poc",
"refsource": "MISC",
"url": "https://github.com/MucahitSaratar/zencart_auth_rce_poc"
},
{
"name": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html",
"refsource": "MISC",
"url": "http://packetstormsecurity.com/files/161613/Zen-Cart-1.5.7b-Remote-Code-Execution.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2021-3291",
"datePublished": "2021-01-26T06:47:35",
"dateReserved": "2021-01-25T00:00:00",
"dateUpdated": "2024-08-03T16:53:17.248Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4322
Vulnerability from cvelistv5
Published
2009-12-14 23:00
Modified
2024-08-07 07:01
Severity ?
EPSS score ?
Summary
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/ | x_refsource_MISC | |
| http://www.zen-cart.com/forum/showthread.php?t=142784 | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/508340/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.273Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4322",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/",
"refsource": "MISC",
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?t=142784",
"refsource": "MISC",
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4322",
"datePublished": "2009-12-14T23:00:00",
"dateReserved": "2009-12-14T00:00:00",
"dateUpdated": "2024-08-07T07:01:20.273Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2020-6578
Vulnerability from cvelistv5
Published
2021-03-19 03:29
Modified
2024-08-04 09:11
Severity ?
EPSS score ?
Summary
Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
References
| ▼ | URL | Tags |
|---|---|---|
| https://herolab.usd.de/security-advisories/ | x_refsource_MISC | |
| https://herolab.usd.de/security-advisories/usd-2019-0069/ | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T09:11:04.626Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://herolab.usd.de/security-advisories/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://herolab.usd.de/security-advisories/usd-2019-0069/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2021-03-19T03:29:09",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://herolab.usd.de/security-advisories/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://herolab.usd.de/security-advisories/usd-2019-0069/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2020-6578",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://herolab.usd.de/security-advisories/",
"refsource": "MISC",
"url": "https://herolab.usd.de/security-advisories/"
},
{
"name": "https://herolab.usd.de/security-advisories/usd-2019-0069/",
"refsource": "MISC",
"url": "https://herolab.usd.de/security-advisories/usd-2019-0069/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2020-6578",
"datePublished": "2021-03-19T03:29:09",
"dateReserved": "2020-01-08T00:00:00",
"dateUpdated": "2024-08-04T09:11:04.626Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-8352
Vulnerability from cvelistv5
Published
2017-08-24 21:00
Modified
2024-08-06 08:13
Severity ?
EPSS score ?
Summary
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.htbridge.com/advisory/HTB23282 | x_refsource_MISC | |
| https://www.exploit-db.com/exploits/39017/ | exploit, x_refsource_EXPLOIT-DB | |
| http://www.securityfocus.com/archive/1/537129/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T08:13:32.508Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"name": "39017",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"name": "20151216 RCE in Zen Cart via Arbitrary File Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-11-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-09T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"name": "39017",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"name": "20151216 RCE in Zen Cart via Arbitrary File Inclusion",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2015-8352",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.htbridge.com/advisory/HTB23282",
"refsource": "MISC",
"url": "https://www.htbridge.com/advisory/HTB23282"
},
{
"name": "39017",
"refsource": "EXPLOIT-DB",
"url": "https://www.exploit-db.com/exploits/39017/"
},
{
"name": "20151216 RCE in Zen Cart via Arbitrary File Inclusion",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/537129/100/0/threaded"
},
{
"name": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015",
"refsource": "CONFIRM",
"url": "https://www.zen-cart.com/showthread.php?218914-Security-Patches-for-v1-5-4-November-2015"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2015-8352",
"datePublished": "2017-08-24T21:00:00",
"dateReserved": "2015-11-25T00:00:00",
"dateUpdated": "2024-08-06T08:13:32.508Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4321
Vulnerability from cvelistv5
Published
2009-12-14 23:00
Modified
2024-08-07 07:01
Severity ?
EPSS score ?
Summary
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2009/3474 | vdb-entry, x_refsource_VUPEN | |
| http://osvdb.org/60892 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/bid/37283 | vdb-entry, x_refsource_BID | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/54687 | vdb-entry, x_refsource_XF | |
| http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/ | x_refsource_MISC | |
| http://www.zen-cart.com/forum/showthread.php?t=142784 | x_refsource_MISC | |
| http://www.securityfocus.com/archive/1/508340/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://secunia.com/advisories/37630 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:19.699Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2009-3474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2009/3474"
},
{
"name": "60892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://osvdb.org/60892"
},
{
"name": "37283",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37283"
},
{
"name": "zencart-curltest-file-include(54687)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54687"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"name": "37630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/37630"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-10T18:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2009-3474",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2009/3474"
},
{
"name": "60892",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://osvdb.org/60892"
},
{
"name": "37283",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/37283"
},
{
"name": "zencart-curltest-file-include(54687)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54687"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"name": "37630",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/37630"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4321",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2009-3474",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2009/3474"
},
{
"name": "60892",
"refsource": "OSVDB",
"url": "http://osvdb.org/60892"
},
{
"name": "37283",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37283"
},
{
"name": "zencart-curltest-file-include(54687)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/54687"
},
{
"name": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/",
"refsource": "MISC",
"url": "http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart/"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?t=142784",
"refsource": "MISC",
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
},
{
"name": "20091209 Zen Cart local file disclosure vulnerability",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/508340/100/0/threaded"
},
{
"name": "37630",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37630"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4321",
"datePublished": "2009-12-14T23:00:00",
"dateReserved": "2009-12-14T00:00:00",
"dateUpdated": "2024-08-07T07:01:19.699Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-1413
Vulnerability from cvelistv5
Published
2012-05-27 19:00
Modified
2024-09-16 19:51
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T18:53:37.341Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-05-27T19:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-1413",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt",
"refsource": "MISC",
"url": "https://www.trustwave.com/spiderlabs/advisories/TWSL2012-004.txt"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-1413",
"datePublished": "2012-05-27T19:00:00Z",
"dateReserved": "2012-02-28T00:00:00Z",
"dateUpdated": "2024-09-16T19:51:07.354Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2255
Vulnerability from cvelistv5
Published
2009-06-30 10:00
Modified
2024-08-07 05:44
Severity ?
EPSS score ?
Summary
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/bid/35467 | vdb-entry, x_refsource_BID | |
| http://www.osvdb.org/55344 | vdb-entry, x_refsource_OSVDB | |
| http://www.zen-cart.com/forum/showthread.php?t=130161 | x_refsource_CONFIRM | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/51316 | vdb-entry, x_refsource_XF | |
| http://www.zen-cart.com/forum/attachment.php?attachmentid=5965 | x_refsource_CONFIRM | |
| http://www.exploit-db.com/exploits/9004 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/35550 | third-party-advisory, x_refsource_SECUNIA |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.794Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "35467",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35467"
},
{
"name": "55344",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/55344"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "zencart-recordcompany-code-execution(51316)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51316"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9004"
},
{
"name": "35550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35550"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "35467",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35467"
},
{
"name": "55344",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/55344"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "zencart-recordcompany-code-execution(51316)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51316"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9004",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9004"
},
{
"name": "35550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35550"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2255",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "35467",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35467"
},
{
"name": "55344",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55344"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?t=130161",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "zencart-recordcompany-code-execution(51316)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51316"
},
{
"name": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9004",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9004"
},
{
"name": "35550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35550"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2255",
"datePublished": "2009-06-30T10:00:00",
"dateReserved": "2009-06-29T00:00:00",
"dateUpdated": "2024-08-07T05:44:55.794Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2005-3996
Vulnerability from cvelistv5
Published
2005-12-05 00:00
Modified
2024-08-07 23:31
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.vupen.com/english/advisories/2005/2728 | vdb-entry, x_refsource_VUPEN | |
| http://secunia.com/advisories/17869 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/archive/1/418995/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/23510 | vdb-entry, x_refsource_XF | |
| http://securitytracker.com/id?1015306 | vdb-entry, x_refsource_SECTRACK | |
| http://www.osvdb.org/21411 | vdb-entry, x_refsource_OSVDB | |
| http://rgod.altervista.org/zencart_126d_xpl.html | x_refsource_MISC | |
| http://www.securityfocus.com/bid/15690 | vdb-entry, x_refsource_BID | |
| http://www.securityfocus.com/archive/1/418517/100/0/threaded | mailing-list, x_refsource_BUGTRAQ |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T23:31:48.948Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "ADV-2005-2728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2005/2728"
},
{
"name": "17869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/17869"
},
{
"name": "20051205 = 1.2.6d blind SQL injection / remote commands execution:",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418995/100/0/threaded"
},
{
"name": "forgotten-sql-injection(23510)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23510"
},
{
"name": "1015306",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://securitytracker.com/id?1015306"
},
{
"name": "21411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/21411"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://rgod.altervista.org/zencart_126d_xpl.html"
},
{
"name": "15690",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/15690"
},
{
"name": "20051202 Zen-Cart \u003c= 1.2.6d blind SQL injection / remote commands execution:",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/418517/100/0/threaded"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2005-12-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-19T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "ADV-2005-2728",
"tags": [
"vdb-entry",
"x_refsource_VUPEN"
],
"url": "http://www.vupen.com/english/advisories/2005/2728"
},
{
"name": "17869",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/17869"
},
{
"name": "20051205 = 1.2.6d blind SQL injection / remote commands execution:",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418995/100/0/threaded"
},
{
"name": "forgotten-sql-injection(23510)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23510"
},
{
"name": "1015306",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://securitytracker.com/id?1015306"
},
{
"name": "21411",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/21411"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://rgod.altervista.org/zencart_126d_xpl.html"
},
{
"name": "15690",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/15690"
},
{
"name": "20051202 Zen-Cart \u003c= 1.2.6d blind SQL injection / remote commands execution:",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/418517/100/0/threaded"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2005-3996",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "ADV-2005-2728",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2005/2728"
},
{
"name": "17869",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/17869"
},
{
"name": "20051205 = 1.2.6d blind SQL injection / remote commands execution:",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418995/100/0/threaded"
},
{
"name": "forgotten-sql-injection(23510)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/23510"
},
{
"name": "1015306",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1015306"
},
{
"name": "21411",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/21411"
},
{
"name": "http://rgod.altervista.org/zencart_126d_xpl.html",
"refsource": "MISC",
"url": "http://rgod.altervista.org/zencart_126d_xpl.html"
},
{
"name": "15690",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/15690"
},
{
"name": "20051202 Zen-Cart \u003c= 1.2.6d blind SQL injection / remote commands execution:",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/418517/100/0/threaded"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2005-3996",
"datePublished": "2005-12-05T00:00:00",
"dateReserved": "2005-12-04T00:00:00",
"dateUpdated": "2024-08-07T23:31:48.948Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6616
Vulnerability from cvelistv5
Published
2009-04-06 18:00
Modified
2024-08-07 11:34
Severity ?
EPSS score ?
Summary
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.
References
| ▼ | URL | Tags |
|---|---|---|
| https://exchange.xforce.ibmcloud.com/vulnerabilities/42162 | vdb-entry, x_refsource_XF | |
| http://www.securityfocus.com/bid/29020 | vdb-entry, x_refsource_BID | |
| http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:34:47.071Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "zencart-index-xss(42162)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42162"
},
{
"name": "29020",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-05-02T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-08-16T14:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "zencart-index-xss(42162)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42162"
},
{
"name": "29020",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/29020"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6616",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "zencart-index-xss(42162)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/42162"
},
{
"name": "29020",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/29020"
},
{
"name": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html",
"refsource": "MISC",
"url": "http://downloads.securityfocus.com/vulnerabilities/exploits/29020.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6616",
"datePublished": "2009-04-06T18:00:00",
"dateReserved": "2009-04-06T00:00:00",
"dateUpdated": "2024-08-07T11:34:47.071Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2015-0882
Vulnerability from cvelistv5
Published
2015-02-27 02:00
Modified
2024-08-06 04:26
Severity ?
EPSS score ?
Summary
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
References
| ▼ | URL | Tags |
|---|---|---|
| http://jvn.jp/en/jp/JVN44544694/index.html | third-party-advisory, x_refsource_JVN | |
| http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027 | third-party-advisory, x_refsource_JVNDB | |
| http://jvn.jp/en/jp/JVN44544694/281242/index.html | x_refsource_CONFIRM | |
| https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T04:26:11.215Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "JVN#44544694",
"tags": [
"third-party-advisory",
"x_refsource_JVN",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44544694/index.html"
},
{
"name": "JVNDB-2015-000027",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB",
"x_transferred"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://jvn.jp/en/jp/JVN44544694/281242/index.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2015-02-25T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2015-02-27T02:57:00",
"orgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"shortName": "jpcert"
},
"references": [
{
"name": "JVN#44544694",
"tags": [
"third-party-advisory",
"x_refsource_JVN"
],
"url": "http://jvn.jp/en/jp/JVN44544694/index.html"
},
{
"name": "JVNDB-2015-000027",
"tags": [
"third-party-advisory",
"x_refsource_JVNDB"
],
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://jvn.jp/en/jp/JVN44544694/281242/index.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "vultures@jpcert.or.jp",
"ID": "CVE-2015-0882",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "JVN#44544694",
"refsource": "JVN",
"url": "http://jvn.jp/en/jp/JVN44544694/index.html"
},
{
"name": "JVNDB-2015-000027",
"refsource": "JVNDB",
"url": "http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027"
},
{
"name": "http://jvn.jp/en/jp/JVN44544694/281242/index.html",
"refsource": "CONFIRM",
"url": "http://jvn.jp/en/jp/JVN44544694/281242/index.html"
},
{
"name": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8",
"refsource": "CONFIRM",
"url": "https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "ede6fdc4-6654-4307-a26d-3331c018e2ce",
"assignerShortName": "jpcert",
"cveId": "CVE-2015-0882",
"datePublished": "2015-02-27T02:00:00",
"dateReserved": "2015-01-08T00:00:00",
"dateUpdated": "2024-08-06T04:26:11.215Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-8833
Vulnerability from cvelistv5
Published
2017-05-08 06:10
Modified
2024-08-05 16:48
Severity ?
EPSS score ?
Summary
Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/zencart/zencart/issues/1431 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T16:48:22.668Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://github.com/zencart/zencart/issues/1431"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-05-08T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor\u0027s README.md file offers a link to v160.zip with a description of \"Download latest in-development version from github.\""
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-05-08T06:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://github.com/zencart/zencart/issues/1431"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-8833",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor\u0027s README.md file offers a link to v160.zip with a description of \"Download latest in-development version from github.\""
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zencart/zencart/issues/1431",
"refsource": "CONFIRM",
"url": "https://github.com/zencart/zencart/issues/1431"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-8833",
"datePublished": "2017-05-08T06:10:00",
"dateReserved": "2017-05-08T00:00:00",
"dateUpdated": "2024-08-05T16:48:22.668Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5805
Vulnerability from cvelistv5
Published
2012-11-04 22:00
Modified
2024-09-16 20:02
Severity ?
EPSS score ?
Summary
The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.567Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-04T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5805",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate, a different vulnerability than CVE-2012-5806."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5805",
"datePublished": "2012-11-04T22:00:00Z",
"dateReserved": "2012-11-04T00:00:00Z",
"dateUpdated": "2024-09-16T20:02:18.307Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2012-5808
Vulnerability from cvelistv5
Published
2012-11-04 22:00
Modified
2024-09-16 22:09
Severity ?
EPSS score ?
Summary
The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-06T21:14:16.509Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2012-11-04T22:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2012-5808",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The LinkPoint module in Zen Cart does not verify that the server hostname matches a domain name in the subject\u0027s Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid certificate."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf",
"refsource": "MISC",
"url": "http://www.cs.utexas.edu/~shmat/shmat_ccs12.pdf"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2012-5808",
"datePublished": "2012-11-04T22:00:00Z",
"dateReserved": "2012-11-04T00:00:00Z",
"dateUpdated": "2024-09-16T22:09:22.963Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-4323
Vulnerability from cvelistv5
Published
2009-12-14 23:00
Modified
2024-09-17 00:31
Severity ?
EPSS score ?
Summary
The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.zen-cart.com/forum/showthread.php?t=142784 | x_refsource_CONFIRM |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T07:01:20.451Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2009-12-14T23:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-4323",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, different vulnerabilities than CVE-2009-4321 and CVE-2009-4322."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.zen-cart.com/forum/showthread.php?t=142784",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/showthread.php?t=142784"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-4323",
"datePublished": "2009-12-14T23:00:00Z",
"dateReserved": "2009-12-14T00:00:00Z",
"dateUpdated": "2024-09-17T00:31:24.431Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-11675
Vulnerability from cvelistv5
Published
2017-07-27 06:00
Modified
2024-08-05 18:19
Severity ?
EPSS score ?
Summary
The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T18:19:37.666Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2017-07-26T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-27T05:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-11675",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir/login.php, if there is an export of an error-log entry for that invalid array index."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce",
"refsource": "MISC",
"url": "https://github.com/imp0wd3r/vuln-papers/tree/master/zencart-155e-auth-rce"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-11675",
"datePublished": "2017-07-27T06:00:00",
"dateReserved": "2017-07-26T00:00:00",
"dateUpdated": "2024-08-05T18:19:37.666Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2008-6986
Vulnerability from cvelistv5
Published
2009-08-18 10:00
Modified
2024-08-07 11:49
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.securityfocus.com/archive/1/496002/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.osvdb.org/48347 | vdb-entry, x_refsource_OSVDB | |
| http://www.securityfocus.com/archive/1/496032/100/100/threaded | mailing-list, x_refsource_BUGTRAQ | |
| http://www.zen-cart.com/forum/showthread.php?p=604473 | x_refsource_CONFIRM | |
| http://secunia.com/advisories/31758 | third-party-advisory, x_refsource_SECUNIA | |
| http://www.securityfocus.com/bid/31023 | vdb-entry, x_refsource_BID | |
| http://www.gulftech.org/?node=research&article_id=00129-09042008 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T11:49:02.448Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "48347",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/48347"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ",
"x_transferred"
],
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/31023"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2008-09-04T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-11T19:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "48347",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/48347"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"tags": [
"mailing-list",
"x_refsource_BUGTRAQ"
],
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/31023"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2008-6986",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "20080904 Zen Cart \u003c= 1.3.8a SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496002/100/0/threaded"
},
{
"name": "48347",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/48347"
},
{
"name": "20080904 Re: Zen Cart \u003c= 1.3.8a SQL Injection",
"refsource": "BUGTRAQ",
"url": "http://www.securityfocus.com/archive/1/496032/100/100/threaded"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?p=604473",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/showthread.php?p=604473"
},
{
"name": "31758",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/31758"
},
{
"name": "31023",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/31023"
},
{
"name": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008",
"refsource": "MISC",
"url": "http://www.gulftech.org/?node=research\u0026article_id=00129-09042008"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2008-6986",
"datePublished": "2009-08-18T10:00:00",
"dateReserved": "2009-08-17T00:00:00",
"dateUpdated": "2024-08-07T11:49:02.448Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2017-10667
Vulnerability from cvelistv5
Published
2017-06-29 00:00
Modified
2024-09-17 00:11
Severity ?
EPSS score ?
Summary
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
References
| ▼ | URL | Tags |
|---|---|---|
| https://github.com/zencart/zencart/issues/1443 | x_refsource_MISC | |
| https://github.com/zhonghaozhao/zencart/issues/1 | x_refsource_MISC |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T17:41:55.680Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zencart/zencart/issues/1443"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://github.com/zhonghaozhao/zencart/issues/1"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-06-29T00:00:00Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zencart/zencart/issues/1443"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://github.com/zhonghaozhao/zencart/issues/1"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2017-10667",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://github.com/zencart/zencart/issues/1443",
"refsource": "MISC",
"url": "https://github.com/zencart/zencart/issues/1443"
},
{
"name": "https://github.com/zhonghaozhao/zencart/issues/1",
"refsource": "MISC",
"url": "https://github.com/zhonghaozhao/zencart/issues/1"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2017-10667",
"datePublished": "2017-06-29T00:00:00Z",
"dateReserved": "2017-06-28T00:00:00Z",
"dateUpdated": "2024-09-17T00:11:08.330Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2009-2254
Vulnerability from cvelistv5
Published
2009-06-30 10:00
Modified
2024-08-07 05:44
Severity ?
EPSS score ?
Summary
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a "SQL Execution" issue.
References
| ▼ | URL | Tags |
|---|---|---|
| http://www.osvdb.org/55343 | vdb-entry, x_refsource_OSVDB | |
| http://www.zen-cart.com/forum/showthread.php?t=130161 | x_refsource_CONFIRM | |
| http://www.securityfocus.com/bid/35468 | vdb-entry, x_refsource_BID | |
| http://www.zen-cart.com/forum/attachment.php?attachmentid=5965 | x_refsource_CONFIRM | |
| http://www.exploit-db.com/exploits/9005 | exploit, x_refsource_EXPLOIT-DB | |
| http://secunia.com/advisories/35550 | third-party-advisory, x_refsource_SECUNIA | |
| https://exchange.xforce.ibmcloud.com/vulnerabilities/51317 | vdb-entry, x_refsource_XF |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T05:44:55.724Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "55343",
"tags": [
"vdb-entry",
"x_refsource_OSVDB",
"x_transferred"
],
"url": "http://www.osvdb.org/55343"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "35468",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/35468"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB",
"x_transferred"
],
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"name": "35550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA",
"x_transferred"
],
"url": "http://secunia.com/advisories/35550"
},
{
"name": "zencart-sqlpatch-sql-injection(51317)",
"tags": [
"vdb-entry",
"x_refsource_XF",
"x_transferred"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-06-23T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a \"SQL Execution\" issue."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-18T12:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "55343",
"tags": [
"vdb-entry",
"x_refsource_OSVDB"
],
"url": "http://www.osvdb.org/55343"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "35468",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/35468"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9005",
"tags": [
"exploit",
"x_refsource_EXPLOIT-DB"
],
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"name": "35550",
"tags": [
"third-party-advisory",
"x_refsource_SECUNIA"
],
"url": "http://secunia.com/advisories/35550"
},
{
"name": "zencart-sqlpatch-sql-injection(51317)",
"tags": [
"vdb-entry",
"x_refsource_XF"
],
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-2254",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a \"SQL Execution\" issue."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "55343",
"refsource": "OSVDB",
"url": "http://www.osvdb.org/55343"
},
{
"name": "http://www.zen-cart.com/forum/showthread.php?t=130161",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/showthread.php?t=130161"
},
{
"name": "35468",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/35468"
},
{
"name": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965",
"refsource": "CONFIRM",
"url": "http://www.zen-cart.com/forum/attachment.php?attachmentid=5965"
},
{
"name": "9005",
"refsource": "EXPLOIT-DB",
"url": "http://www.exploit-db.com/exploits/9005"
},
{
"name": "35550",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/35550"
},
{
"name": "zencart-sqlpatch-sql-injection(51317)",
"refsource": "XF",
"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/51317"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-2254",
"datePublished": "2009-06-30T10:00:00",
"dateReserved": "2009-06-29T00:00:00",
"dateUpdated": "2024-08-07T05:44:55.724Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
cve-2024-5762
Vulnerability from cvelistv5
Published
2024-08-21 16:15
Modified
2024-08-21 17:14
Severity ?
EPSS score ?
Summary
Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability.
The specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-21408.
References
| ▼ | URL | Tags |
|---|---|---|
| https://www.zerodayinitiative.com/advisories/ZDI-24-883/ | x_research-advisory | |
| https://docs.zen-cart.com/release/whatsnew_2.0.0 | vendor-advisory |
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:zen_cart:zen_cart:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "zen_cart",
"vendor": "zen_cart",
"versions": [
{
"lessThan": "2.0",
"status": "affected",
"version": "1.5.8a",
"versionType": "custom"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-5762",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-08-21T17:10:46.529979Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T17:14:11.364Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unknown",
"product": "Zen Cart",
"vendor": "Zen Cart",
"versions": [
{
"status": "affected",
"version": "1.5.8a"
}
]
}
],
"dateAssigned": "2024-06-07T14:10:09.806-05:00",
"datePublic": "2024-06-26T15:20:41.132-05:00",
"descriptions": [
{
"lang": "en",
"value": "Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability.\n\nThe specific flaw exists within the findPluginAdminPage function. The issue results from the lack of proper validation of user-supplied data prior to passing it to a PHP include function. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the service account. Was ZDI-CAN-21408."
}
],
"metrics": [
{
"cvssV3_0": {
"baseScore": 8.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"format": "CVSS"
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-98",
"description": "CWE-98: Improper Control of Filename for Include/Require Statement in PHP Program",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-08-21T16:15:27.278Z",
"orgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"shortName": "zdi"
},
"references": [
{
"name": "ZDI-24-883",
"tags": [
"x_research-advisory"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-24-883/"
},
{
"name": "vendor-provided URL",
"tags": [
"vendor-advisory"
],
"url": "https://docs.zen-cart.com/release/whatsnew_2.0.0"
}
],
"source": {
"lang": "en",
"value": "Anonymous"
},
"title": "Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "99f1926a-a320-47d8-bbb5-42feb611262e",
"assignerShortName": "zdi",
"cveId": "CVE-2024-5762",
"datePublished": "2024-08-21T16:15:27.278Z",
"dateReserved": "2024-06-07T19:10:09.754Z",
"dateUpdated": "2024-08-21T17:14:11.364Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}