Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple SQL injection vulnerabilities in includes/classes/shopping_cart.php in Zen Cart 1.2.0 through 1.3.8a, when magic_quotes_gpc is disabled, allow remote attackers to execute arbitrary SQL commands via the id parameter when (1) adding or (2) updating the shopping cart.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zen Cart 'includes/classes/shopping_cart.php'多个SQL注入漏洞
Vulnerability Description
Zen Cart是开源、免费的商城系统,用于建立专业的网上商店。 Zen Cart 1.2.0到1.3.8a版本中的includes/classes/shopping_cart.php存在多个SQL注入漏洞。当magic_quotes_gpc被中止时,远程攻击者可以借助添加或更新shopping cart过程中的ID参数,执行任意的SQL指令。
CVSS Information
N/A
Vulnerability Type
N/A