CVE-2006-6868

Published: Dec 31, 2006Modified: Apr 23, 2026

6.8

Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Exploitability: 8.6 / Impact: 6.4

Source: NVD

Description

Multiple cross-site scripting (XSS) vulnerabilities in Zen Cart Web Shopping Cart before 1.3.7 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.

Affected (6)

Products: Zen Cart: Web Shopping Cart

1 product

Web Shopping Cart

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Zen Cart Web Shopping Cart	Version 1.1.2d
Zen Cart Web Shopping Cart	Version 1.2.6d
Zen Cart Web Shopping Cart	Version 1.2.7
Zen Cart Web Shopping Cart	Version 1.3.2
Zen Cart Web Shopping Cart	Version 1.3.5
Zen Cart Web Shopping Cart	Version 1.3

References (10)

http://secunia.com/advisories/23482

Source: cve@mitre.org

Vendor Advisory

http://www.securityfocus.com/bid/21842

Source: cve@mitre.org

http://www.vupen.com/english/advisories/2007/0022

Source: cve@mitre.org

http://www.zen-cart.com/forum/showthread.php?t=54615

Source: cve@mitre.org

https://exchange.xforce.ibmcloud.com/vulnerabilities/31202

Source: cve@mitre.org

http://secunia.com/advisories/23482

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://www.securityfocus.com/bid/21842

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.vupen.com/english/advisories/2007/0022

Source: af854a3a-2127-422b-91ae-364da2661108

http://www.zen-cart.com/forum/showthread.php?t=54615

Source: af854a3a-2127-422b-91ae-364da2661108

https://exchange.xforce.ibmcloud.com/vulnerabilities/31202

Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.