Zen Cart Security Vulnerabilities and Issues — Zen Cart CVE List

Lucene search

Zen-cartZen Cart

2 matches found

CVE•added 2017/07/27 6:29 a.m.•54 views

CVE-2017-11675

The traverseStrictSanitize function in admin_dir/includes/classes/AdminRequestSanitizer.php in ZenCart 1.5.5e mishandles key strings, which allows remote authenticated users to execute arbitrary PHP code by placing that code into an invalid array index of the admin_name array parameter to admin_dir...

8.8CVSS8.8AI score0.00717EPSS

CVE•added 2024/08/21 5:15 p.m.•52 views

CVE-2024-5762

Zen Cart findPluginAdminPage Local File Inclusion Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Zen Cart. Authentication is not required to exploit this vulnerability. The specific flaw exists within the findPl...

8.1CVSS8.5AI score0.086EPSS