jQuery(function($) { // Link Information var displayLink = $('a[href*="popupWindowPrice"]'); if (displayLink.length != 0) { var displayLinkUrl = displayLink.attr('href').match(/'(.*?)'/)[1]; displayLink.attr({ 'href':'#' }).colorbox({ 'href':displayLinkUrl, width: '550px', onComplete: function(){ $('#cboxLoadedContent').find('a[href*="window.close"]').closest('td').hide(); } }); } });

Sponsors

Newsletter

Shop With Confidence!

Credit Card Services


Product 5/10

Previous
Return to the Product List
Next

9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Zen Colorbox Modification
Zen Colorbox Modification

Your header in Here

Customer Reviews

View All Testimonials
Add A Testimonial
Problem Solver

Gunderson Enterprises makes it easy for the business owner. Determines the problem, develops a solution, solves the problem and charges a very...
Read More ->

MY HERO :)

ok where do i even begin.. I found Judy on Google when i was searching for some emergency help..like many others i was being had by a web designer...
Read More ->

You're The Best!

Judy has been amazingly helpful. I highly recommend her to others for their Zen Cart design, set up, and troubleshooting.I had many website issues...
Read More ->

Awesome Professional Lady

Thank you, Judy! You are awesome. If I listed all that you did for us, it would take all day and sound like you paid me to say it. I am blessed...
Read More ->

Thanks to Judy....

Judy seamlessly switched my existing site over to Zencart in record time! She "listens" to what you need and makes it all come true! You can...
Read More ->

View All Testimonials
Add A Testimonial

Who's Online

There currently are 8 guests online.
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart