9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Goes above and beyond!

Judy has gone above and beyond while developing our website, she even corresponded with our old website guy (that we were leaving) so that we...
Read More ->


Better than I could ever hope for

Wish I had known of Judy long ago. Too many bad memories of expensive, non responsive IT help before. Found Judy looking for info on how to update my...
Read More ->


Awesome Job, Very Fast Work

I was in need of a major update on my site, so I had found someone to do it but instead they messed it up and made the site worse. So I found Judy...
Read More ->


Judy is the Greatest

God Bless Judy! As I struggled with my old website not working and my old webdesigner not letting me have any input or control of my own website . ....
Read More ->


Zencart Guru

Judy Gunderson and staff are so talented if you have a Zencart website as I do. I found her on the internet while having a zencart problem and she...
Read More ->


Who's Online

There currently are 9 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart