Ajsquare Zeuscart vulnerabilities
3 known vulnerabilities affecting ajsquare/zeuscart.
Total CVEs
3
CISA KEV
0
Public exploits
3
Exploited in wild
0
Severity breakdown
MEDIUM3
Vulnerabilities
Page 1 of 1
CVE-2015-2184P3MEDIUMCVSS 5.0PoCv4.02015-03-10
CVE-2015-2184 [MEDIUM] CWE-200 CVE-2015-2184: ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to ad
ZeusCart 4 allows remote attackers to obtain configuration information via a getphpinfo action to admin/, which calls the phpinfo function.
nvd
CVE-2015-2182P4MEDIUMCVSS 4.3PoCv4.02015-03-11
CVE-2015-2182 [MEDIUM] CVE-2015-2182: Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject a
Multiple cross-site scripting (XSS) vulnerabilities in ZeusCart 4 allow remote attackers to inject arbitrary web script or HTML via the (1) schltr parameter in a brands action or (2) brand parameter in a viewbrands action to index.php. NOTE: The search parameter vector is already covered by CVE-2010-5322.
nvd
CVE-2010-5322P4MEDIUMCVSS 4.3PoC≤ 4.02015-03-11
CVE-2010-5322 [MEDIUM] CWE-79 CVE-2010-5322: Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inje
Cross-site scripting (XSS) vulnerability in ZeusCart 4.0 and earlier allows remote attackers to inject arbitrary web script or HTML via the search parameter in a search action to index.php.
nvd