Zen Cart “Exploit” Prevention

Posted June 24th, 2009 in Tech Corner. Tags: , .

Zen Cart is a popular e-commerce platform that many of our customers use.

Unfortunately, the current version of Zen Cart has a bug that allows “hackers” to take control of the Zen Cart software, which includes making changes to the Zen Cart database and installing new files. “Exploits” that take advantage of the bug have started circulating widely in the last 24 hours.

We’ve added rules to all our Web servers that block the two forms of attack we’re aware of (the “Zen Cart 1.3.8 Remote Code Execution Exploit” and the “Zen Cart 1.3.8 Remote SQL Execution Exploit”). This should protect our customers in the short term.

However, hackers may find new forms of the attack in the future. Because of that, Zen Cart users should apply the security patch Zen Cart is offering and make sure they’ve followed their security recommendations.

  1. Recent Posts

    1. PHP versions 8.1.28, 8.2.18, and 8.3.6
    2. PHP versions 8.2.17 and 8.3.4
    3. President’s Day 2024 holiday hours
    4. PHP versions 8.1.27 and 8.2.15
    5. Martin Luther King, Jr. Day 2024 holiday hours
    6. New Year’s 2024 Holiday Hours
    7. Christmas 2023 Holiday Hours
    8. Brief scheduled maintenance December 16-17, 2023
    9. Thanksgiving 2023 Holiday Hours
    10. PHP versions 8.1.25 and 8.2.12

  2. Categories

  3. Tags

    all servers email holiday hours linux mailman maintenance mod_security mysql network php phpmyadmin security server updates spam ssl status updates webmail wordpress zapp

  4. Feeds