CVE-2004-2023

SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:zen_cart:zen_cart:1.1.2d:*:*:*:*:*:*:*
cpe:2.3:a:zen_cart:zen_cart:1.1.4:*:*:*:*:*:*:*

History

No history.

Information

Published : 2004-12-31 05:00

Updated : 2018-10-19 15:30


NVD link : CVE-2004-2023

Mitre link : CVE-2004-2023


JSON object : View

Products Affected

zen_cart

  • zen_cart