Zen Cart

CVEs (18)

CVE	Vendor / Product	Risk	CVSS	EPSS	Published	Description
CVE-2009-2255	Zen Cart ZenCart	0.06	—	0.35	Jun 30, 2009	Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of…
CVE-2009-2254	Zen Cart ZenCart	0.04	—	0.10	Jun 30, 2009	Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of…
CVE-2011-4567	Zen Cart ZenCart	0.03	—	0.00	Nov 29, 2011	Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different…
CVE-2008-6985	Zen Cart ZenCart	0.03	—	0.01	Aug 19, 2009	Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
CVE-2008-6616	Zen Cart ZenCart	0.03	—	0.00	Apr 6, 2009	Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are…
CVE-2008-6615	Zen Cart ZenCart	0.03	—	0.00	Apr 6, 2009	SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely…
CVE-2012-5805	Paypal Instant Payment Notification	0.00	—	0.00	Nov 4, 2012	The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid…
CVE-2012-1413	Zen Cart ZenCart	0.00	—	0.00	May 27, 2012	Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to…
CVE-2011-4547	Zen Cart ZenCart	0.00	—	0.00	Nov 29, 2011	Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2)…
CVE-2009-4323	Zen Cart ZenCart	0.00	—	0.00	Dec 14, 2009	The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a…
CVE-2009-4322	Zen Cart ZenCart	0.00	—	0.00	Dec 14, 2009	extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
CVE-2009-4321	Zen Cart ZenCart	0.00	—	0.01	Dec 14, 2009	extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
CVE-2008-6986	Zen Cart ZenCart	0.00	—	0.01	Aug 19, 2009	SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a…
CVE-2008-6878	Zen Cart ZenCart	0.00	—	0.00	Jul 27, 2009	Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE:…
CVE-2008-6877	Zen Cart ZenCart	0.00	—	0.00	Jul 27, 2009	Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this…
CVE-2007-3597	Zen Cart ZenCart	0.00	—	0.02	Jul 6, 2007	Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter.
CVE-2006-6868	Zen Cart Web Shopping Cart	0.00	—	0.01	Dec 31, 2006	Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5119	Zen Cart ZenCart	0.00	—	0.01	Oct 3, 2006	Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name or (2) admin_pass parameter in (a) admin/login.php, or the (3) admin_email parameter in (b) admin/password_forgotten.php.

CVE-2009-2255Jun 30, 2009
Zen Cart
ZenCart
risk 0.06cvss —epss 0.35
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of…
CVE-2009-2254Jun 30, 2009
Zen Cart
ZenCart
risk 0.04cvss —epss 0.10
Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of…
CVE-2011-4567Nov 29, 2011
Zen Cart
ZenCart
risk 0.03cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different…
CVE-2008-6985Aug 19, 2009
Zen Cart
ZenCart
risk 0.03cvss —epss 0.01
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
CVE-2008-6616Apr 6, 2009
Zen Cart
ZenCart
risk 0.03cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to inject arbitrary web script or HTML via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are…
CVE-2008-6615Apr 6, 2009
Zen Cart
ZenCart
risk 0.03cvss —epss 0.00
SQL injection vulnerability in index.php in Zen Software Zen Cart 2008 allows remote attackers to execute arbitrary SQL commands via the keyword parameter in the advanced_search_result page. NOTE: the provenance of this information is unknown; the details are obtained solely…
CVE-2012-5805Nov 4, 2012
Paypal
Instant Payment Notification
risk 0.00cvss —epss 0.00
The PayPal IPN functionality in Zen Cart does not verify that the server hostname matches a domain name in the subject's Common Name (CN) or subjectAltName field of the X.509 certificate, which allows man-in-the-middle attackers to spoof SSL servers via an arbitrary valid…
CVE-2012-1413May 27, 2012
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to…
CVE-2011-4547Nov 29, 2011
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2)…
CVE-2009-4323Dec 14, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a…
CVE-2009-4322Dec 14, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.
CVE-2009-4321Dec 14, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.01
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
CVE-2008-6986Aug 19, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.01
SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a…
CVE-2008-6878Jul 27, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE:…
CVE-2008-6877Jul 27, 2009
Zen Cart
ZenCart
risk 0.00cvss —epss 0.00
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this…
CVE-2007-3597Jul 6, 2007
Zen Cart
ZenCart
risk 0.00cvss —epss 0.02
Session fixation vulnerability in Zen Cart 1.3.7 and earlier allows remote attackers to hijack web sessions by setting the Cookie parameter.
CVE-2006-6868Dec 31, 2006
Zen Cart
Web Shopping Cart
risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2006-5119Oct 3, 2006
Zen Cart
ZenCart
risk 0.00cvss —epss 0.01
Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name or (2) admin_pass parameter in (a) admin/login.php, or the (3) admin_email parameter in (b) admin/password_forgotten.php.