9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Awesome job Judy

Judy, thank you very much for the work you did to my website. it looks great, and it does everything that you said it would. I will be calling on...
Read More ->


Quick, efficient, professional

Judy accepted our assignment of fixing a problem caused by an upgrade which we spent three days troubleshooting. She was able to locate the problems...
Read More ->


Saved our company !!

I truly thought that our site was doomed. With the Zen Cart patch vulnerability threat that I was unaware of as well as our Web Mistress. The site...
Read More ->


100% Fantastic, friendly support

We had some very firm ideas about how our web store should look, but we weren't sure if it could be done. Judy just did it! Despite a lot of...
Read More ->


Judy - Zen Cart Goddess!

If you've got Zen Cart, you GOTTA get Judy! We discovered her a couple of years ago when our former web designer went AWOL. Not only did she upgrade...
Read More ->


Who's Online

There currently are 7 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart