Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php.
CVSS Information
N/A
Vulnerability Type
N/A
Vulnerability Title
Zen Cart 跨站脚本漏洞
Vulnerability Description
Zen Cart是Zen Cart团队开发的一套开源的购物车系统。该系统主要用于建立网上商店,可支持多种付款方式、多语言选择、网上商城批量更新等。 Zen Cart 1.5.0版本和之前版本中的zc_install/includes/modules/pages/database_setup/header_php.php中存在跨站脚本漏洞(XSS)。当安装软件时,远程攻击者可利用该漏洞借助传至zc_install/index.php的db_username参数,注入任意web脚本或HTML。
CVSS Information
N/A
Vulnerability Type
N/A