CVE-2015-2183

Published
View on NVD ↗
CVSS v3
N/A
CVSS v2
7.5
HIGH
Affected
1
PROJECT

Description

Multiple SQL injection vulnerabilities in the administrative backend in ZeusCart 4 allow remote administrators to execute arbitrary SQL commands via the id parameter in a (1) disporders detail or (2) subadminmgt edit action or (3) cid parameter in an editcurrency action to admin/.

ZeusCart/zeuscart
ZeusCart/zeuscart
ZeusCart - PHP - MySQL Based Open Source Shopping Cart - Resposnive Design - GPL License
GitHubGitHub
42