3 matches found
Zen Cart <= 1.3.8a Multiple Vulnerabilities
Zen Cart is prone to multiple vulnerabilities. Copyright C 2009 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
Immunity Canvas: ZENCART_REMOTE
Name| zencartremote ---|--- CVE| CVE-2009-2255 Exploit Pack| CANVAS Description| zencartremote Notes| Repeatability: Infinite CVE URL: http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-2255 VENDOR: www.zen-cart.com/ CVSS: 6.8 CVE Name: CVE-2009-2255...
CVE-2009-2255
Zen Cart 1.3.8a, 1.3.8 and earlier are affected by an authentication bypass in admin/record_company.php that allows remote code execution. The vulnerability occurs because admin authentication is not enforced for that module; an attacker can upload a PHP file via the record_company_image paramete...