Zeuscart version 4 suffers from cross site scripting and remote SQL injection vulnerabilities.