Unrated severityNVD Advisory· Published Dec 31, 2004· Updated Jun 16, 2026
CVE-2004-2024
CVE-2004-2024
Description
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.
Affected products
2Patches
Vulnerability mechanics
References
2- www.zen-cart.com/modules/mydownloads/viewcat.phpnvdPatch
- www.zen-cart.com/modules/ipb/index.phpnvdVendor Advisory
News mentions
0No linked articles in our index yet.