CVE-2004-2023
The vulnerability CVE-2004-2023 affects Zen Cart (notably Zen Cart 1.1.2d and 1.1.4 before patch 1). The issue is a SQL injection in login.php that allows remote attackers to modify or disclose data via the (1) admin_name or (2) admin_pass parameters. The underlying cause is unsafely constructed ...