CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Zen Cart: >> Zen Cart >> 1.1.4 Security Vulnerabilities

CVE-2004-2023

SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.

CVSS Score

7.5

EPSS Score

0.013

Published

2004-12-31

CVE-2004-2024

The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.

CVSS Score

7.5

EPSS Score

0.005

Published

2004-12-31

Page 1

Vulnerabilities

Vulnerable Software

Zen Cart: >> Zen Cart >> 1.1.4 Security Vulnerabilities

Products

Pricing

Contact Us