Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zen Cart gv_send操作跨站脚本漏洞
Vulnerability Description
Zen Cart是Zen Cart团队开发的一套开源的购物车系统。该系统主要用于建立网上商店,可支持多种付款方式、多语言选择、网上商城批量更新等。 Zen Cart 1.5之前版本的includes/templates/template_default/templates/tpl_gv_send_default.php中存在跨站脚本(XSS)漏洞。远程攻击者可以借助message参数注入任意web脚本或者HTML。
CVSS Information
N/A
Vulnerability Type
N/A