Vulnerabilities > ZEN Cart > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2021-03-19 | CVE-2020-6578 | Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.5.6D Zen Cart 1.5.6d allows reflected XSS via the main_page parameter to includes/templates/template_default/common/tpl_main_page.php or includes/templates/responsive_classic/common/tpl_main_page.php. | 6.1 |
| 2017-06-29 | CVE-2017-10667 | Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.6.0 In index.php in Zen Cart 1.6.0, the products_id parameter can cause XSS. | 6.1 |
| 2017-05-08 | CVE-2017-8833 | Cross-site Scripting vulnerability in Zen-Cart ZEN Cart 1.6.0 Zen Cart 1.6.0 has XSS in the main_page parameter to index.php. | 6.1 |