| VID |
21955 |
| Severity |
40 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
CGI |
| Detailed Description |
The Zen Cart is vulnerable to a remote file include vulnerability via the 'autoLoadConfig' parameter. Zen Cart is an open source e-commerce shopping cart system based on the PHP programming language and a MySQL database. Zen Cart version 1.3.0.2 and earlier versions are vulnerable to a remote file include vulnerability, caused by improper validation of user-supplied input passed to the 'autoLoadConfig' array parameter of the 'index.php' script. If the register_globals is enabled, a remote attacker could send a specially-crafted URL request to execute arbitrary PHP code and operating system commands on the affected host.
* References:
http://secunia.com/advisories/21484/
http://www.frsirt.com/english/advisories/2006/3283
http://www.gulftech.org/?node=research&article_id=00109-08152006
http://www.zencart.com/
* Platforms Affected:
Open Source, Zen Cart version 1.3.0.2 and earlier versions
Any operating system Any version |
| Recommendation |
No upgrade or patch available as of Aug 2006.
Upgrade to the latest version of Zen Cart, when new version fixed this problem becomes available from the Zen Cart Web site at http://www.zen-cart.com/forum/showthread.php?t=43579c
As a workaround, disable PHP's 'register_globals' setting. |
| Related URL |
CVE-2006-4215 (CVE) |
| Related URL |
19543 (SecurityFocus) |
| Related URL |
28394 (ISS) |
|
