CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
Confidence
Low
EPSS
Percentile
79.5%
Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter.
Vendor | Product | Version | CPE |
---|---|---|---|
zen_cart | zen_cart | 1.2.0d | cpe:2.3:a:zen_cart:zen_cart:1.2.0d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.1_patch1 | cpe:2.3:a:zen_cart:zen_cart:1.2.1_patch1:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.1d | cpe:2.3:a:zen_cart:zen_cart:1.2.1d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.2d | cpe:2.3:a:zen_cart:zen_cart:1.2.2d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.3d | cpe:2.3:a:zen_cart:zen_cart:1.2.3d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.4.1 | cpe:2.3:a:zen_cart:zen_cart:1.2.4.1:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.4d | cpe:2.3:a:zen_cart:zen_cart:1.2.4d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.5d | cpe:2.3:a:zen_cart:zen_cart:1.2.5d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.2.6d | cpe:2.3:a:zen_cart:zen_cart:1.2.6d:*:*:*:*:*:*:* |
zen_cart | zen_cart | 1.3.0.2 | cpe:2.3:a:zen_cart:zen_cart:1.3.0.2:*:*:*:*:*:*:* |