CVE-2004-2024
Severity CVSS v4.0:
Pending analysis
Type:
Unavailable / Other
Publication date:
31/12/2004
Last modified:
05/09/2008
Description
The distribution of Zen Cart 1.1.4 before patch 2 includes certain debugging code in the Admin password retrieval functionality, which allows attackers to gain administrative privileges via password_forgotten.php.
Impact
Base Score 2.0
7.50
Severity 2.0
HIGH
Vulnerable products and versions
CPE | From | Up to |
---|---|---|
cpe:2.3:a:zen_cart:zen_cart:1.1.4:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page