CVE-2012-1413
2.6
Vector
AV:N/AC:H/Au:N/C:N/I:P/A:N
Exploitability: 4.9 / Impact: 2.9
Source: NVD
Description
Cross-site scripting (XSS) vulnerability in zc_install/includes/modules/pages/database_setup/header_php.php in Zen Cart 1.5.0 and earlier, when the software is being installed, allows remote attackers to inject arbitrary web script or HTML via the db_username parameter to zc_install/index.php.
Affected (25)
References (2)
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.