|Author: N0 Feel||, Published: 23-09-2014|
# Exploit Title: zen cart v1.3.8a stored xss
# Google Dork: ur mind better than me :p
# Exploit Author: N0 Feel
# Vendor Homepage: http://www.zen-cart.com/
# Version: v1.3.8a
# Tested on: win7
- zen cart suffer from stored xss in admin panel
- click new category
- inject js/html into "Categories Description"
- go to to site open your category by name
- B00m :D
#this vuln in admin panel -_- ?
you can hack site's users with browser exploit or other way
Like us on Facebook :