VYPR
Critical severity9.8NVD Advisory· Published Aug 24, 2017· Updated Jun 17, 2026

CVE-2015-8352

CVE-2015-8352

Description

Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

3
  • Zen Cart/ZenCartinferred3 versions
    =1.5.4+ 2 more
    • (no CPE)range: =1.5.4
    • cpe:2.3:a:zen-cart:zen_cart:1.5.4:*:*:*:*:*:*:*
    • (no CPE)range: 1.5.4

Patches

Vulnerability mechanics

References

4

News mentions

0

No linked articles in our index yet.