Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php.
Max CVSS
6.1
EPSS Score
0.08%
Published
2021-03-19
Updated
2021-03-25
In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS.
Max CVSS
6.1
EPSS Score
0.06%
Published
2017-06-29
Updated
2017-07-03
Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. NOTE: 1.6.0 is not an official release but the vendor's README.md file offers a link to v160.zip with a description of "Download latest in-development version from github."
Max CVSS
6.1
EPSS Score
0.09%
Published
2017-05-08
Updated
2017-05-30
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!