ZenCart 1.5.1 Multiple Vulnerabilities

2014.02.22
Credit: UmPire
Risk: Low
Local: No
Remote: Yes
CVE: N/A
CWE: N/A

# Exploit Title: ZenCart v1.5.1 - Multiple Vulnerabilities
# Exploit Author: UmPire
# Date: 21 Feb 2014
# Vendor Homepage: https://www.zen-cart.com/
# Version: 1.5.1
# Tested on: Windows

[+]Google Dork: inurl:"zc_install/index.php"

Cross Site Scripting Vulnerability
=========================
The fourth step of installation has vulnerable input fields.
Vulnerable input: " onmouseover=alert(/Hacked/) bad="

Full Path Disclosure
=========================
The third step of installation discloses the full path:
Path_Translated = Drive:\\[WebPage-Directory]\\[USER]\\zen\\zc_install\\index.php

Sensitive phpinfo reading
=========================
The phpinfo page is readable at this path:
http://[Host]/zen/zc_install/includes/phpinfo.php

[-]Demo sites:
http://dublinerXstl.com/zencart/zc_install/index.php
http://www.fickXle.jp/zen/zc_install/index.php

[+]Patch: Simply remove the zc_install directory.
____________________________
By UmPire from Iran Security Group(I.S.G)
Tnx To: Root.Smasher|Black V!per|Mr.Moein|UmPire|Sultan Brain|Alireza_Promis M4hdi|Social Engineer|TaK.FaNaR|hack3core

References:

https://www.zen-cart.com/
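
All three issues live under zc_install, so the fix can be verified on the server itself. The following is an added example, not part of the original advisory or of Zen Cart: a shell function that audits a local web root for leftover installer directories. The function name, output format and return codes are assumptions; the file names come from the advisory.

```shell
#!/bin/sh
# Added example: audit a local web root for a leftover Zen Cart installer.
# zc_install, index.php and includes/phpinfo.php are the names given in the
# advisory; audit_zc_install and its output format are hypothetical.
#
# Usage:   audit_zc_install /path/to/docroot
# Returns: 0 = no installer found, 1 = installer still present, 2 = bad argument
# Note:    paths containing newlines are not supported.
audit_zc_install() {
    docroot=$1
    if [ ! -d "$docroot" ]; then
        echo "error: $docroot is not a directory" >&2
        return 2
    fi

    # Several shops may share one web root, so collect every match.
    found=$(find "$docroot" -type d -name zc_install -print)
    if [ -z "$found" ]; then
        echo "OK: no zc_install directory under $docroot"
        return 0
    fi

    printf '%s\n' "$found" | while IFS= read -r dir; do
        echo "FOUND installer directory: $dir"
        # Installer steps (XSS and full path disclosure in the advisory).
        if [ -f "$dir/index.php" ]; then
            echo "  installer entry point present: $dir/index.php"
        fi
        # phpinfo output exposed by the installer.
        if [ -f "$dir/includes/phpinfo.php" ]; then
            echo "  phpinfo page present: $dir/includes/phpinfo.php"
        fi
    done
    return 1
}
```

A non-zero return makes the function usable as a deployment gate or a scheduled check after each install or upgrade.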

