9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


MY HERO :)

ok where do i even begin.. I found Judy on Google when i was searching for some emergency help..like many others i was being had by a web designer...
Read More ->


Thank You Judy

Thank you so much! You did an excellent job! We are very satisfied with the work you did.
Read More ->


Zen Cart Experts

After dealing with other so called "zen cart experts" Judy truly defines the word expert!!! My site has never worked faster and she did all the work...
Read More ->


100% Fantastic, friendly support

We had some very firm ideas about how our web store should look, but we weren't sure if it could be done. Judy just did it! Despite a lot of...
Read More ->


Dreams really do come true!

I searched a long time to find the right website designer. Having a website has been a dream of mine for a long time, and Judy has made it all...
Read More ->


Who's Online

There currently are 4 guests online.
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart