Description

Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/sqlpatch.php, which allows remote attackers to execute arbitrary SQL commands via the query_string parameter in an execute action, in conjunction with a PATH_INFO of password_forgotten.php, related to a "SQL Execution" issue.

Remediation

References

CVE-2009-2254

Related Vulnerabilities

Oracle Application Server CVE-2007-5516 Vulnerability (CVE-2007-5516)

GlassFish CVE-2012-0550 Vulnerability (CVE-2012-0550)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-7945)

MySQL CVE-2021-35628 Vulnerability (CVE-2021-35628)

WordPress Plugin Yoast SEO Cross-Site Scripting (5.7.1)

Severity

High

Classification

CVE-2009-2254 CWE-138

Tags

Missing Update Known Vulnerabilities