9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Judy is the best !

Judy is the most amazing person to work with. I also found Judy from Google and after talking to her she put my mind at rest as she knew exactly what...
Read More ->


Thanks to Judy....

Judy seamlessly switched my existing site over to Zencart in record time! She "listens" to what you need and makes it all come true! You can...
Read More ->


Quick, efficient, professional

Judy accepted our assignment of fixing a problem caused by an upgrade which we spent three days troubleshooting. She was able to locate the problems...
Read More ->


Judy saved my company and site

Judy has saved my site ...I can honestly say this. We are 100% e-commerce. She has installed security upgrades for us. Extras on the site to make...
Read More ->


10+ Year Satisfied Customer!

Judy at: https://zencart-ecommerce-website-design.com, has always been the best we can find to make changes, Updates, and modifications to out...
Read More ->


Who's Online

There currently are 11 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart