Multiple SQL Injection Vulnerabilities in ZeusCart 4 by ZeusCart
CVE-2015-2183

Currently unrated

Key Information:

Vendor

Zeuscart

Status
Vendor
CVE Published:
10 March 2015

Badges

👾 Exploit Exists

What is CVE-2015-2183?

ZeusCart 4 is affected by multiple SQL injection vulnerabilities in its administrative backend. These flaws allow remote attackers to execute arbitrary SQL commands via the 'id' parameter in actions such as 'disporders detail' and 'subadminmgt edit', as well as through the 'cid' parameter in the 'editcurrency' action. Exploiting these vulnerabilities may lead to unauthorized access to sensitive data and administrative functionalities.

Timeline

  • 🟡 Public PoC available

  • 👾 Exploit known to exist

  • Vulnerability published

  • Vulnerability Reserved
