CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2011-4403

Multiple cross-site request forgery (CSRF) vulnerabilities in Zen Cart 1.3.9h allow remote attackers to hijack the authentication of administrators for requests that (1) delete a product via a delete_product_confirm action to product.php or (2) disable a product via a setflag action to categories.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 59.4%

CVSS Severity

CVSS v2 Score 5.8

References

http://osvdb.org/79137
http://seclists.org/fulldisclosure/2012/Feb/171
http://osvdb.org/79137
http://seclists.org/fulldisclosure/2012/Feb/171

Products affected by CVE-2011-4403

Zen-Cart » Zen Cart » Version: 1.3.9h

cpe:2.3:a:zen-cart:zen_cart:1.3.9h

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2011-4403

Products

Pricing

Contact Us