Description
Multiple cross-site scripting (XSS) vulnerabilities in zencart-ja (aka Zen Cart Japanese edition) 1.3 jp through 1.3.0.2 jp8 and 1.5 ja through 1.5.1 ja allow remote attackers to inject arbitrary web script or HTML via a crafted parameter, related to admin/includes/init_includes/init_sanitize.php and includes/init_includes/init_sanitize.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin Squeeze Arbitrary File Upload (1.4)
OpenSSL Cryptographic Issues Vulnerability (CVE-2015-0205)
Ruby on Rails Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6417)
Jboss EAP Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-4572)
MyBB Permissions, Privileges, and Access Controls Vulnerability (CVE-2008-3967)