CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2024

The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.005

EPSS Ranking 63.4%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.zen-cart.com/modules/ipb/index.php?showtopic=4873
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD
http://www.zen-cart.com/modules/ipb/index.php?showtopic=4873
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD

Products affected by CVE-2004-2024

Zen Cart » Zen Cart » Version: 1.1.4

cpe:2.3:a:zen_cart:zen_cart:1.1.4

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2024

Products

Pricing

Contact Us