RSS   Vulnerabilities for 'Zeuscart'   RSS

2015-03-11
 
CVE-2015-2182

 

 
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter in a viewbrands action to index.php. NOTE: The search parameter vector is already covered by CVE-2010-5322.

 
 
CVE-2010-5322

 

 
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.

 
2015-03-10
 
CVE-2015-2184

 

 
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.

 
 
CVE-2015-2183

 

 
Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/.

 

 >>> Vendor: Ajsquare 8 Products
Aj article
Aj classifieds
Free polling script
Aj matrix dna
Aj auction pro-oopd
Aj shopping cart
Aj hyip
Zeuscart


Copyright 2021, cxsecurity.com

 

Back to Top