9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Judy Gunderson saved my bacon!

Judy Gunderson saved my bacon! Actually, she saved my store database, putting it back together after a series of unfortunate incidents in which...
Read More ->


Great Company to Do Business With

I am so glad that I discovered ZenCart Ecommerce Website Design. Not only do they have reasonable prices . . . they will actually talk to you on the...
Read More ->


Thank You Judy

Thank you so much! You did an excellent job! We are very satisfied with the work you did.
Read More ->


Judy is the BEST!

Where does one begin? I am a VERY picky person especially when it comes to my sites. Judy has performed above and beyond each and every time. One...
Read More ->


Guru Judy

I have indeed found my new guru in Judy!! She literally saved my website and my sanity. For the past year I have been on a roller coaster ride with...
Read More ->


Who's Online

There currently are 7 guests online.
Copyright © 2004 - 2021 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart