Vulnerabilities > CVE-2004-2024 - Unspecified vulnerability in ZEN Cart ZEN Cart 1.1.4

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN
zen-cart
NVD
Published: 2004-12-31
Updated: 2024-11-20

Summary

The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.

Vulnerable Configurations

Part Description Count
Application
Zen_Cart
1

References