extras/curltest.php in Zen Cart 1.3.8 and 1.3.8a, and possibly other versions, allows remote malicious users to read arbitrary files via a file:// URI. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
zen-cart zen cart 1.3.8a |
||
zen-cart zen cart 1.3.8 |