9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

hooked it up!

Judy went above and beyond the call of duty. She provided a great service to my website and helped me understand what the heck i just paid for lol...
Read More ->


Judy - Zen Cart Goddess!

If you've got Zen Cart, you GOTTA get Judy! We discovered her a couple of years ago when our former web designer went AWOL. Not only did she upgrade...
Read More ->


Judy works like a good friend will

Judy is a rare one, not only does she do her work well, but she is so honest and professional. I would recommend her to anyone who needs help on...
Read More ->


mobile ready

i'm mobile ready thanks to judy - she always makes it super easy to add features and improvements to my online shop
Read More ->


Simply the Best

Judy took special time and solved our problem that was driving us crazy. Very fast, very honest and a pleasure to work with. She should charge more,...
Read More ->


Who's Online

There currently are 13 guests online.
Copyright © 2004 - 2021 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart