Zen Cart: >> Zen Cart >> 1.3.0.2 Security Vulnerabilities
Directory traversal vulnerability in Zen Cart 1.3.0.2 and earlier allows remote attackers to include and possibly execute arbitrary local files via directory traversal sequences in the typefilter parameter.
CVSS Score
7.5
EPSS Score
0.011
Published
2006-08-17
index.php in Zen Cart 1.3.0.2 allows remote attackers to obtain sensitive information via empty (1) _GET[], (2) _SESSION[], (3) _POST[], (4) _COOKIE[], or (5) _SESSION[] array parameters, which reveals the installation path in an error message. NOTE: this issue might be resultant from a global overwrite vulnerability.
CVSS Score
5.0
EPSS Score
0.003
Published
2006-07-21