Description
extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Remediation
References
Related Vulnerabilities
SharePoint CVE-2022-41037 Vulnerability (CVE-2022-41037)
WordPress Plugin Far Future Expiry Header Cross-Site Request Forgery (1.4)
Jenkins Improper Input Validation Vulnerability (CVE-2016-0792)
WordPress Plugin Car Rental System Cross-Site Scripting (1.3)
WordPress Plugin WP Survey And Quiz Tool 'rowcount' Parameter Cross-Site Scripting (2.9.2)