CVE-2008-6985 in Zen Cartinformazioni

Riassunto

di MITRE

Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Prenotare

17/08/2009

Divulgazione

19/08/2009

Moderazione

accettato

Voce

VDB-49491

CPE

pronto

CWE

CWE-89 (confermato)

Sfruttamento

Scaricare

CVSS

6.8 (NVD)

EPSS

0.01580

KEV

Attività

molto basso

Settore

Pharma, Chemical, ...

Fonti

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-6985
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-6985
CVE Details	https://www.cvedetails.com/cve/CVE-2008-6985/

◂ Precedente Visione D'ensemble Il prossimo ▸

Do you know our Splunk app?

Download it now for free!