9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


Fantastic Job!

I highly recommend Judy and Zen Cart Ecommerce Website Design. When I told her what I needed she responded quickly and clearly, unlike other Zen Cart...
Read More ->


Thank you for doing such a good job.

Thank you Judy for doing such a good job on my site and being there whenever I got crazy or impatient.
Read More ->


Don't hesistate!

I was having the worst problems with my web host, my site was down more then it was up. When it was up and running, it was very slow. I had Judy make...
Read More ->


WOW! Thank you Judy!

I’m so glad to have found you. I am so impressed with how fast you work, your ZC knowledge, your great communication and patience with me. You...
Read More ->


I'm glad I Googled!

I found Judy on Google and am so glad I did. Judy added some mods to my shopping cart and worked diligently to make sure everything worked correctly....
Read More ->


Who's Online

There currently are 7 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart