CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2004-2025

SQL injection vulnerability in application_top.php for Zen Cart 1.1.3 before patch 2 may allow remote attackers to execute arbitrary SQL commands via the products_id parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 61.7%

CVSS Severity

CVSS v2 Score 7.5

References

http://www.zen-cart.com/modules/ipb/index.php?showtopic=3731
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD
http://www.zen-cart.com/modules/ipb/index.php?showtopic=3731
http://www.zen-cart.com/modules/mydownloads/viewcat.php?cid=31&orderby=dateD

Products affected by CVE-2004-2025

Zen Cart » Zen Cart » Version: 1.1.3

cpe:2.3:a:zen_cart:zen_cart:1.1.3

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2004-2025

Products

Pricing

Contact Us