2 matches found
CVE-2012-1413
Cross-site scripting XSS vulnerability in zcinstall/includes/modules/pages/databasesetup/headerphp.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the dbusername parameter to zcinstall/index.php...
CVE-2012-1413
Zen Cart CVE-2012-1413 affects Zen Cart 1.5.0 and earlier during installation. The XSS flaw resides in zc_install/includes/modules/pages/database_setup/header_php.php, exploitable via the db_username parameter to zc_install/index.php, allowing remote script/HTML injection. No exploit details or m...