9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Judy is a pleasure to do business with

I came across Judy by accident, Google actually, after having had trouble with a couple of people who were not interested in helping develop a...
Read More ->


Judy did an amazing job!

It was pain and frustration getting our store open. We started looking and talking to different zencart designers but ultimately she was the most...
Read More ->


Outstanding Knowledge of Zen Cart

Over the past several years, Judy and her team have provided an unparalleled level of technical support for my business. In the years prior to...
Read More ->


Savy and up-to-date for todays competitive markets.

Judy's work is AMAZING! From the moment I first spoke to her on the phone I knew this was the person I wanted to have working to bring MY visions of...
Read More ->


Above and Beyond!

I have used Judy several times over the years to upgrade my zencart. This last time we did an upgrade to version 1.3.9a. I didn't have to wait long...
Read More ->


Who's Online

There currently are 11 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart