CVE-2011-4567

Zen Cart < 1.5 - Cross-Site Scripting via Message Parameter in Gift Voucher Send

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2011-4567. PoCs published by RPinto.

AI-analyzed exploit summary The exploit demonstrates a stored XSS vulnerability in Zen Cart 1.3.9h by injecting malicious JavaScript via the 'message' parameter in a POST request to the 'gv_send' page. The vulnerability arises due to insufficient input sanitization, allowing arbitrary script execution in the context of the affected site.

Description

Cross-site scripting (XSS) vulnerability in includes/templates/template_default/templates/tpl_gv_send_default.php in Zen Cart before 1.5 allows remote attackers to inject arbitrary web script or HTML via the message parameter in a gv_send action to index.php, a different vulnerability than CVE-2011-4547.

Exploits (1)

exploitdb WORKING POC VERIFIED
by RPinto · textwebappsphp
https://www.exploit-db.com/exploits/36346

The exploit demonstrates a stored XSS vulnerability in Zen Cart 1.3.9h by injecting malicious JavaScript via the 'message' parameter in a POST request to the 'gv_send' page. The vulnerability arises due to insufficient input sanitization, allowing arbitrary script execution in the context of the affected site.

Classification
Working Poc 90%
Attack Type
Xss
Complexity
Trivial
Reliability
Reliable
Target: Zen Cart 1.3.9h
No auth needed
Prerequisites: Access to the target Zen Cart instance
MITRE ATT&CK
mistral-large-3 · analyzed Feb 18, 2026 Full analysis →

References (3)

Core 3
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/71519
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/50787

Scores

EPSS 0.0161
EPSS Percentile 73.1%

Details

CWE
CWE-79
Status published
Products (20)
zen-cart/zen_cart 1.1.0
zen-cart/zen_cart 1.1.3
zen-cart/zen_cart 1.2.0d
zen-cart/zen_cart 1.2.1 patch1
zen-cart/zen_cart 1.2.1d
zen-cart/zen_cart 1.2.2d
zen-cart/zen_cart 1.2.3d
zen-cart/zen_cart 1.2.4.1
zen-cart/zen_cart 1.2.4d
zen-cart/zen_cart 1.2.5d
... and 10 more
Published Nov 29, 2011
Tracked Since Feb 18, 2026