CVE-2009-2254

Name of the Vulnerable Software and Affected Versions Zen Cart versions 1.3.8a, 1.3.8, and earlier

Description The issue allows remote attackers to execute arbitrary SQL commands via the query string parameter in an execute action, in conjunction with a PATH INFO of "password forgotten.php". This is related to a SQL execution issue, where administrative authentication is not required for access to admin/sqlpatch.php.

Recommendations For Zen Cart versions 1.3.8a, 1.3.8, and earlier, consider restricting access to the admin/sqlpatch.php file and require administrative authentication to mitigate the risk of SQL command execution. Avoid using the query string parameter in the execute action until the issue is resolved.