CVE-2009-2255

Name of the Vulnerable Software and Affected Versions Zen Cart versions 1.3.8a, 1.3.8, and earlier

Description The issue allows remote attackers to execute arbitrary code by uploading a .php file via the record company image parameter in conjunction with a PATH INFO of "password forgotten.php", then accessing this file via a direct request to the file in images/.

Recommendations For Zen Cart versions 1.3.8a, 1.3.8, and earlier, consider restricting access to the admin/record company.php file and the images/ directory to prevent unauthorized file uploads and execution. As a temporary workaround, consider disabling the upload functionality for the record company image parameter until a patch is available.