2 matches found
CVE-2020-6577
The IT-Recht Kanzlei plugin in Zen Cart 1.5.6c German edition allows itrk-api.php rechtstextlanguage SQL Injection...
CVE-2006-4214
Multiple SQL injection vulnerabilities in Zen Cart 1.3.0.2 and earlier allow remote attackers to execute arbitrary SQL commands via 1 GPC data to the ipngetstoredsession function in ipnmainhandler.php, which can be leveraged to modify elements of $SESSION; and allow remote authenticated users to...