[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"all-banners":3,"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0":4,"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU":11,"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU":17,"vulnerability-22102":24},[],["Island",5],{"key":6,"params":7,"result":9},"SkipToContent_34xgpJIRRkpiT6ls6jE4NHf7VpvQCQBEwi69exi4oT0",{"props":8},"{}",{"head":10},{},["Island",12],{"key":13,"params":14,"result":15},"FooterNav_JsYsxvLufb1W12aeknKZ89on0MD0bNDTiB5EYxyxmU",{"props":8},{"head":16},{},["Island",18],{"key":19,"params":20,"result":22},"FooterSocial_u16tCafBUeGMoDrdLfTINytP2JB5msc6iB3VDUutAoU",{"props":21},"{\"text-color\":\"gray\"}",{"head":23},{},{"id":25,"detectable_with":26,"vuln_details":33,"vuln_id":50,"name":51,"published":52,"updated":34},22102,{"tool":27,"engine":30},{"id":28,"name":29},1,"Network Scanner",{"id":31,"name":32},3,"OpenVAS",{"id":25,"codename":34,"description":34,"severity":34,"risk_description":35,"public_description":36,"public_recommendation":37,"recommendation":34,"references":38,"cvssv3":34,"epss_score":44,"epss_percentile":45,"cve":46,"in_cisa_catalog":49,"date":34,"software_type":34,"vendor":34,"product":34,"ptt_exploit_capabilities":34},null,"The following vulnerabilities exist: - CVE-2009-2254: Error in admin/sqlpatch.php file due to lack of sanitisation of the input query string passed into the query_string parameter in an execute action in conjunction with a PATH_INFO of password_forgotten.php file. - CVE-2009-2255: Access to admin/record_company.php is not restricted and can be exploited via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/. Successful exploitation will let the remote attacker to execute SQL commands or arbitrary code by uploading a .php file, and compromise the application, or exploit latent vulnerabilities in the underlying database.","Zen Cart is prone to multiple vulnerabilities.","Apply the security patch from the references.",[39,40,41,42,43],"http://secunia.com/advisories/35550","http://www.milw0rm.com/exploits/9004","http://www.milw0rm.com/exploits/9005","http://www.zen-cart.com/forum/showthread.php?t=130161","http://www.zen-cart.com/forum/attachment.php?attachmentid=5965",0.35175,0.97018,[47,48],"CVE-2009-2254","CVE-2009-2255",false,"NETSCAN-OPENVAS-1.3.6.1.4.1.25623.1.0.800820","Zen Cart \u003C= 1.3.8a Multiple Vulnerabilities","2018-01-02T00:00:00Z"]