CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2015-0882

Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.004

EPSS Ranking 62.4%

CVSS Severity

CVSS v2 Score 4.3

References

http://jvn.jp/en/jp/JVN44544694/281242/index.html
http://jvn.jp/en/jp/JVN44544694/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027
https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8
http://jvn.jp/en/jp/JVN44544694/281242/index.html
http://jvn.jp/en/jp/JVN44544694/index.html
http://jvndb.jvn.jp/jvndb/JVNDB-2015-000027
https://github.com/zencart-ja/zc-v1-series/commit/022949bd09444d7e58703cc537dbbd5744c381b8

Products affected by CVE-2015-0882

Zen-Cart » Zen Cart » Version: 1.3.0.0

cpe:2.3:a:zen-cart:zen_cart:1.3.0.0
Zen-Cart » Zen Cart » Version: 1.3.0.1

cpe:2.3:a:zen-cart:zen_cart:1.3.0.1
Zen-Cart » Zen Cart » Version: 1.3.0.2

cpe:2.3:a:zen-cart:zen_cart:1.3.0.2
Zen-Cart » Zen Cart » Version: 1.5.0

cpe:2.3:a:zen-cart:zen_cart:1.5.0
Zen-Cart » Zen Cart » Version: 1.5.1

cpe:2.3:a:zen-cart:zen_cart:1.5.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2015-0882

Products

Pricing

Contact Us