CVE-2009-2255

CVE-2009-2255 · MEDIUM Severity

AV:N/AC:M/AU:N/C:P/I:P/A:P

Zen Cart 1.3.8a, 1.3.8, and earlier does not require administrative authentication for admin/record_company.php, which allows remote attackers to execute arbitrary code by uploading a .php file via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.

Learn more about our Web Application Penetration Testing UK.