Posted by Curesec Research Team (CRT) on Sep 15

ZeusCart 4.0: SQL Injection
Security Advisory – Curesec Research Team

1. Introduction

Affected Product: ZeusCart 4.0
Fixed in: not fixed
Fixed Version Link: n/a
Vendor Contact: support () zeuscart com
Vulnerability Type: SQL Injection
Remote Exploitable: Yes
Reported to vendor: 08/13/2015
Disclosed to public: 09/14/2015
Release mode: Full Disclosure
CVE:…