9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


Incredible!

I found Judy out of sheer desperation. I had been working with another company for approx. 1 1/2 years! and they never finished my site or configured...
Read More ->


Great service

Judy, thank you for your work on my site so happy I found you :)
Read More ->


Zen Cart Guru

After many hours of hard work and frustration with other web developers, we desperately needed to find someone we could rely on. We finally found...
Read More ->


Saved The Day!

Judy helped us after we were abandoned by another company. Knowing that our website was down, she immediately went to work and upgraded our zen cart...
Read More ->


Zencart Guru

Judy Gunderson and staff are so talented if you have a Zencart website as I do. I found her on the internet while having a zencart problem and she...
Read More ->


Who's Online

There currently are 9 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart