CVE-2009-4321
https://notcve.org/view.php?id=CVE-2009-4321
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information. extras/curltest.php en Zen Cart v1.3.8 y v1.3.8a, y posiblemente otras versiones, permite a atacantes remotos leer ficheros arbitrarios a través de un fichero file:// URI. NOTA: Algunos de los detalles fueron obtenidos de terceras partes. • http://osvdb.org/60892 http://secunia.com/advisories/37630 http://www.acunetix.com/blog/websecuritynews/acusensor-curl-and-zen-cart http://www.securityfocus.com/archive/1/508340/100/0/threaded http://www.securityfocus.com/bid/37283 http://www.vupen.com/english/advisories/2009/3474 http://www.zen-cart.com/forum/showthread.php?t=142784 https://exchange.xforce.ibmcloud.com/vulnerabilities/54687 • CWE-20: Improper Input Validation •
CVE-2008-6986
https://notcve.org/view.php?id=CVE-2008-6986
SQL injection vulnerability in the actionMultipleAddProduct function in includes/classes/shopping_cart.php in Zen Cart 1.3.0 through 1.3.8a, when magic_quotes_gpc is disabled, allows remote attackers to execute arbitrary SQL commands via the products_id array parameter in a multiple_products_add_product action, a different vulnerability than CVE-2008-6985. Vulnerabilidad de inyección SQL en la función actionMultipleAddProduct en includes/classes/shopping_cart.php en Zen Cartv v1.3.0 hasta v1.3.8a, cuando magic_quotes_gpc es desactivada, permite a atacantes remotos ejecutar comandos SQL a su elección a través del parámetro products_id en una acción multiple_products_add_product, una vulnerabilidad diferente a CVE-2008-6985. • http://secunia.com/advisories/31758 http://www.gulftech.org/?node=research&article_id=00129-09042008 http://www.osvdb.org/48347 http://www.securityfocus.com/archive/1/496002/100/0/threaded http://www.securityfocus.com/archive/1/496032/100/100/threaded http://www.securityfocus.com/bid/31023 http://www.zen-cart.com/forum/showthread.php?p=604473 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-6985 – Zen Cart < 1.3.8a - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6985
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart. Múltiples vulnerabilidades de inyección SQL en includes/classes/shopping_cart.php en Zen Cart v1.2.0 a v1.3.8a, cuando magic_quotes_gpc está desactivado, permiten a atacantes remotos ejecutar comandos SQL a través del parámetro ID cuando (1) se añade algo o (2) se actualiza el carrito de la compra. • https://www.exploit-db.com/exploits/43436 http://secunia.com/advisories/31758 http://www.gulftech.org/?node=research&article_id=00129-09042008 http://www.osvdb.org/48346 http://www.securityfocus.com/archive/1/496002/100/0/threaded http://www.securityfocus.com/archive/1/496032/100/100/threaded http://www.securityfocus.com/bid/31023 http://www.zen-cart.com/forum/showthread.php?p=604473 https://exchange.xforce.ibmcloud.com/vulnerabilities/44917 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-6877
https://notcve.org/view.php?id=CVE-2008-6877
Directory traversal vulnerability in admin/includes/initsystem.php in Zen Cart 1.3.8 and 1.3.8a, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the loader_file parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths. ** DISPUTADA ** Vulnerabilidad de salto de directorio en admin/includes/initsystem.php en Zen Cart v1.3.8 y v1.3.8a, cuando .htaccess no esta soportado, lo que permite a atacantes remotos incluir y ejecutar ficheros locales de forma arbitraria a través de .. (punto punto) en el parámetro "loader_file". NOTA: El vendedor no esta de acuerdo con este hecho, "den el peor de los casos la explotación de esta vulnerabilidad solo muestro algunos ficheros locales". • http://osvdb.org/46912 http://secunia.com/advisories/31039 http://www.attrition.org/pipermail/vim/2008-July/002028.html http://www.securityfocus.com/bid/30179 http://www.zen-cart.com/forum/showthread.php?t=102802 https://www.exploit-db.com/exploits/6038 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2008-6878
https://notcve.org/view.php?id=CVE-2008-6878
Directory traversal vulnerability in admin/includes/languages/english.php in Zen Cart 1.3.8a, 1.3.8, and earlier, when .htaccess is not supported, allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the _SESSION[language] parameter. NOTE: the vendor disputes this issue, stating "at worst, the use of this vulnerability will reveal some local file paths. ** DISPUTADA ** Vulnerabilidad de salto de directorio en admin/includes/languages/english.php en Zen Cart v1.3.8a, v1.3.8 y anteriores, cuando .htaccess no esta soportado permite a atacantes remotos incluir y ejecutar ficheros locales arbitrariamente a través de .. (punto punto) en el parámetro "_SESSION[language]". NOTA: El vendedor no esta de acuerdo con este hecho, "en el peor de los casos, la utilización de esta vulnerabilidad únicamente mostrara algunos ficheros locales". • http://osvdb.org/46913 http://secunia.com/advisories/31039 http://www.attrition.org/pipermail/vim/2008-July/002028.html http://www.securityfocus.com/bid/30179 http://www.zen-cart.com/forum/showthread.php?t=102802 https://www.exploit-db.com/exploits/6038 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •