Description
Zen Cart 1.5.7b allows admins to execute arbitrary OS commands by inspecting an HTML radio input element (within the modules edit page) and inserting a command.
Remediation
References
Related Vulnerabilities
WordPress Plugin WP Social Sharing Cross-Site Scripting (2.2)
OpenSSL Improper Input Validation Vulnerability (CVE-2015-0293)
WordPress Plugin Tutor LMS-eLearning and online course solution Security Bypass (2.6.1)
WordPress Plugin Product Slider for WooCommerce Security Bypass (2.5.6)
WordPress Plugin Hero Maps Premium Cross-Site Scripting (2.2.1)