Zen.Cart.Record.Company.Code.Execution
Description
This indicates an attack attempt against a code-execution vulnerability in Zen Cart.
The vulnerability is caused by an error when the vulnerable software handles a malicious POST request. It allows a remote attacker to execute arbitrary code via sending a crafted web page.
Affected Products
Zen Cart 1.3.8 is vulnerable; other versions may also be affected.
Impact
System compromise
Recommended Actions
Apply the patch, available at the following web site:
http://www.zen-cart.com/forum/showthread.php?t=130161
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |