Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Multiple cross-site scripting (XSS) vulnerabilities in includes/templates/template_default/common/tpl_header_test_info.php in Zen Cart 1.3.9h, when debugging is enabled, might allow remote attackers to inject arbitrary web script or HTML via the (1) main_page parameter or (2) PATH_INFO, a different vulnerability than CVE-2011-4567.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zen Cart 跨站脚本漏洞
Vulnerability Description
Zen Cart是Zen Cart团队开发的一套开源的购物车系统。该系统主要用于建立网上商店,可支持多种付款方式、多语言选择、网上商城批量更新等。 Zen Cart 1.3.9h版本的includes/templates/template_default/templates/tpl_gv_send_default.php中存在跨站脚本(XSS)漏洞。当启用调试时,远程攻击者可以借助(1) main_page parameter或者(2) PATH_INFO注入任意web脚本或者HTML。
CVSS Information
N/A
Vulnerability Type
N/A