2 matches found
CVE-2004-2024
Zen Cart 1.1.4 prior to patch 2 contains debugging code in the Admin password retrieval path (password_forgotten.php) that can enable attackers to gain administrative privileges. The connected records confirm the product/version and the root cause as debugging code in the admin password recovery ...
CVE-2004-2024
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via passwordforgotten.php...