Description
SQL injection vulnerability in admin/password_forgotten.php in Zen Cart 1.2.6d and earlier allows remote attackers to execute arbitrary SQL commands via the admin_email parameter.
Remediation
References
Related Vulnerabilities
Resin Application Server Other Vulnerability (CVE-2004-0281)
WordPress Plugin Livemesh Addons for Elementor Security Bypass (2.5.2)
PHP Improper Input Validation Vulnerability (CVE-2014-3487)
PHP Improper Input Validation Vulnerability (CVE-2012-1823)
Drupal Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-2153)