Zen Cart Security Vulnerabilities and Issues — Zen Cart CVE List

Lucene search

Zen-cartZen Cart

3 matches found

CVE•added 2009/12/14 11:30 p.m.•58 views

CVE-2009-4321

extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.

5CVSS6.6AI score0.00819EPSS

CVE•added 2009/12/14 11:30 p.m.•52 views

CVE-2009-4322

extras/ipn_test_return.php in Zen Cart allows remote attackers to obtain sensitive information via a direct request, which reveals the installation path in an error message.

5CVSS6.1AI score0.00283EPSS

CVE•added 2009/12/14 11:30 p.m.•49 views

CVE-2009-4323

The installation for Zen Cart stores sensitive information and insecure programs under the (1) docs, (2) extras, and (3) zc_install folders, and (4) install.txt, which allows remote attackers to obtain sensitive information, delete the database, and conduct other attacks via a direct request, diffe...

7.5CVSS6.4AI score0.00819EPSS