2 matches found
CVE-2020-6578
Zen Cart 1.5.6d allows reflected XSS via the mainpage parameter to includes/templates/templatedefault/common/tplmainpage.php or includes/templates/responsiveclassic/common/tplmainpage.php...
CVE-2020-6578
CVE-2020-6578 affects Zen Cart 1.5.6d and enables a reflected XSS via the main_page parameter in tpl_main_page.php (two paths: includes/templates/template_default/common/tpl_main_page.php and includes/templates/responsive_classic/common/tpl_main_page.php). Connected sources confirm the vulnerable...