ZenCart Permissions Privileges and Access Controls Vulnerability - CVE-2006-0697
Zen Cart before 1.2.7 does not protect the admin/includes directory which allows remote attackers to cause unknown impact via unspecified vectors probably direct requests.