9/12/15 Security Fix all Zen Cart Versions


Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk



Customers who bought this product also purchased...

Your header in Here

Customer Reviews

WOW! Thank you Judy!

I’m so glad to have found you. I am so impressed with how fast you work, your ZC knowledge, your great communication and patience with me. You...

Professional and courteous service

Our experience with Judy has been overwhelmingly positive! She is a great communicator and a delightful person. She saved our company both time and...

Judy Rocks!!

Judy is absolutely the BEST! She did in less than three days what another person had been working on for three months and still didn't have it up and...

Zen Cart Experts

After dealing with other so called "zen cart experts" Judy truly defines the word expert!!! My site has never worked faster and she did all the work...

Great Service

Judy is excellent in web design and help with zen cart. I highly recommend her services. Fast, efficient and great quality work. She is very...

Who's Online

There currently are 3 guests online.
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart