The host is running Zen Cart and is prone to Arbitrary Code Execution vulnerability.

Successful exploitation will let the remote attacker to execute SQL commands or arbitrary code by uploading a .php file, and compromise the application, or exploit latent vulnerabilities in the underlying database. Impact Level: Application

Apply security patch from below link, http://www.zen-cart.com/forum/attachment.php?attachmentid=5965

- Error in admin/sqlpatch.php file due to lack of sanitisation of the input query sting passed into the 'query_string' parameter in an execute action in conjunction with a PATH_INFO of password_forgotten.php file. - Access to admin/record_company.php is not restricted and can be exploited via the record_company_image parameter in conjunction with a PATH_INFO of password_forgotten.php, then accessing this file via a direct request to the file in images/.

Zen Cart version 1.3.8a and prior

• http://secunia.com/advisories/35550
• http://www.zen-cart.com/forum/showthread.php?t=130161

---

Updated on 2017-03-28