Zen Cart

Short Name: [None Entered]
Previous Names: [None Entered]
URL: http://www.zencart.com/ [visit link]
Email: [None Entered]
Security URL: [None Entered]
Security Email: [None Entered]
Knowledge Base: http://www.zen-cart.com/modules/ipb/ [visit link]
Notes: [No Notes]

Vulnerabilities by Vendor Product

Zen Cart

Zen Cart
Zen Cart Watch-list
1.1.2d
OSVDB ID: 6298 Zen Cart login.php Multiple Parameter SQL Injection
1.2.6
OSVDB ID: 23110 Zen Cart Unspecified SQL Injection
1.3.0.2
OSVDB ID: 28144 Zen Cart ipn_main_handler.php SQL Injection
OSVDB ID: 28145 Zen Cart whos_online_session_recreate Function SQL Injection
OSVDB ID: 28146 Zen Cart add_cart Function Quantity Field SQL Injection
OSVDB ID: 28147 Zen Cart Adding ID Parameter SQL Injection
OSVDB ID: 28149 Zen Cart autoload_func.php autoLoadConfig[999][0][loadFile] Parameter Remote File Inclusion
OSVDB ID: 28148 Zen Cart ot_coupon.php dc_redeem_code Parameter SQL Injection
1.3.8
OSVDB ID: 54076 Zen Cart Multiple Unspecified CSRF
Web Shopping Cart Watch-list
1.2.6 d
OSVDB ID: 22866 Zen Cart graphs/banner_daily.php Direct Request Path Disclosure
OSVDB ID: 22867 Zen Cart graphs/banner_infobox.phpDirect Request Path Disclosure
OSVDB ID: 22868 Zen Cart graphs/banner_yearly.php Direct Request Path Disclosure
OSVDB ID: 22875 Zen Cart modules/move_product_confirm.php Direct Request Path Disclosure
OSVDB ID: 22869 Zen Cart graphs/banner_monthly.php Direct Request Path Disclosure
OSVDB ID: 22870 Zen Cart application_bottom.php Direct Request Path Disclosure
OSVDB ID: 22871 Zen Cart attributes_preview.php Direct Request Path Disclosure
OSVDB ID: 22872 Zen Cart modules/category_product_listing.php Direct Request Path Disclosure
OSVDB ID: 22873 Zen Cart modules/copy_to_confirm.php Direct Request Path Disclosure
OSVDB ID: 22874 Zen Cart modules/delete_product_confirm.php Direct Request Path Disclosure
OSVDB ID: 21411 Zen Cart password_forgotten.php Email Field SQL Injection



The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use