Description
Zen Cart before 1.2.7 does not protect the admin/includes directory, which allows remote attackers to cause unknown impact via unspecified vectors, probably direct requests.
Remediation
References
Related Vulnerabilities
Jenkins Loop with Unreachable Exit Condition ('Infinite Loop') Vulnerability (CVE-2018-1000864)
WordPress Plugin Easy Author Image Information Disclosure (1.5)
WordPress Plugin Chamber Dashboard Member Manager Cross-Site Scripting (2.0.5)
WordPress Plugin mb.YTPlayer for background videos Unspecified Vulnerability (1.7.2)