Description
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-0215)
MySQL CVE-2021-2061 Vulnerability (CVE-2021-2061)
WordPress Plugin YITH WooCommerce Wishlist Unspecified Vulnerability (2.0.6)
Oracle JRE CVE-2024-21235 Vulnerability (CVE-2024-21235)
WordPress Plugin Flight Search Widget and Blocks Cross-Site Scripting (1.1.0)