CVE-2006-5119 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2006-5119
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2006-5119

Description: Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart 1.3.5 allow remote attackers to inject arbitrary web script or HTML via the (1) admin_name or (2) admin_pass parameter in (a) admin/login.php, or the (3) admin_email parameter in (b) admin/password_forgotten.php.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/29248 SREASON http://securityreason.com/securityalert/1667 SAID Secunia Advisory: SA22118 MISC http://www.armorize.com/advisory.php?Keyword=Armorize-ADV-2006-0003 CONFIRM http://www.zen-cart.com/forum/showthread.php?p=270823#post270823 http://www.zen-cart.com/forum/showthread.php?t=47526 BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/447286/100/0/threaded BID 20242

Return to the previous page.