cbcvebase.
CVE-2015-8352
published 2017-08-24

CVE-2015-8352: Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act…

PriorityP269critical9.8CVSS 3.0
AVNACLPRNUINSUCHIHAH
EXPLOIT
EPSS
15.64%
96.4th percentile
Directory traversal vulnerability in Zen Cart 1.5.4 allows remote attackers to include and execute arbitrary local files via a .. (dot dot) in the act parameter to ajax.php.

Affected

1 ranges
VendorProductVersion rangeFixed in
zen-cartzen_cart

Detection & IOCsextracted from sources · hover to see the quote

urlhttp://[host]/ajax.php?method=1&act=/../../../../tmp/file
path/ajax.php
  • Monitor HTTP GET requests to /ajax.php containing directory traversal sequences (e.g., '../' or '..') in the 'act' parameter, which is used unsafely in a require() call to include local PHP files.
  • Flag unauthenticated requests to /ajax.php where the 'act' parameter value contains path traversal patterns (e.g., /../../../../) pointing to arbitrary filesystem locations such as /tmp/.
  • The attack requires no authentication; alert on any external/unauthenticated source triggering the traversal pattern against /ajax.php.
  • ·Vulnerability is specific to Zen Cart version 1.5.4; patched by vendor on November 26, 2015. Ensure the vendor patch referenced in the Zen Cart security thread is applied.
  • ·The vendor patch is available at the Zen Cart forum security thread; unpatched installations remain fully exploitable by remote unauthenticated attackers.

CVSS provenance

nvdv3.09.8CRITICALCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
nvdv2.010.0CRITICALAV:N/AC:L/Au:N/C:C/I:C/A:C
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.