CVE-2009-4321

NONE EPSS 82.6%
Published Dec 14, 200916y ago · Modified Jun 16, 20262w ago
Find Similar
Published Dec 14, 2009 16y ago
Last Modified Jun 16, 2026 2w ago

Description

extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote attackers to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.

Threat Intelligence

EPSS Exploit Probability
82.6% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-20 Improper Input Validation Validation

Affected Products 2

VendorProductVersionRange
zen-cartzen_cart1.3.8any
zen-cartzen_cart1.3.8aany

References 8

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.