Lucene search
PRIOn knowledge basePRION:CVE-2015-2183HistoryMar 10, 2015 - 2:59 p.m.
Sql injection
2015-03-1014:59:00
PRIOn knowledge base
www.prio-n.com
1
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/.
References
packetstormsecurity.com/files/130487/Zeuscart-4-Cross-Site-Scripting-SQL-Injection.html
seclists.org/fulldisclosure/2015/Feb/89
seclists.org/oss-sec/2015/q1/649
seclists.org/oss-sec/2015/q1/727
sroesemann.blogspot.de/2015/01/sroeadv-2015-12.html
www.securityfocus.com/bid/72761
github.com/ZeusCart/zeuscart/issues/28
www.exploit-db.com/exploits/36159
Related
cvelist
cvelist
CVE-2015-2183
2015-03-10 14:00:00
cve
cve
CVE-2015-2183
2015-03-10 14:59:06
nvd
nvd
CVE-2015-2183
2015-03-10 14:59:06
openvas
openvas
Zeuscart Multiple Vulnerabilities
2015-03-02 00:00:00