Security Advisory

CVE-2004-2023

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2005-05-10 04:00:00

Last updated 2024-08-08 01:15:01

Assigner mitre

State PUBLISHED

Description

SQL injection vulnerability in login.php in Zen Cart 1.1.2d, 1.1.4 before patch 1, and possibly other versions allows remote attackers to execute arbitrary SQL via the (1) admin_name or (2) admin_pass parameters.

← Browse all CVEs View on cve.org ↗