|
|
CVE Reference: CVE-2006-5119 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2006-5119 |
|
|
Description: Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name or (2) admin_pass parameter in (a) admin/login.php, or the (3) admin_email parameter in (b) admin/password_forgotten.php. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/29248 SREASON http://securityreason.com/securityalert/1667 SAID Secunia Advisory: SA22118 MISC http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0003 CONFIRM http://www.zen-cart.com/forum/showthread.php?p=270823#post270823 http://www.zen-cart.com/forum/showthread.php?t=47526 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447286/100/0/threaded BID 20242 |
|
| Return to the previous page. |
