9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Judy Gunderson is the best!

I would highly recommend contacting her if you need help with your Zen cart store. Our site was pretty messed up by a designer that really...
Read More ->


Fantastic Job!

I highly recommend Judy and Zen Cart Ecommerce Website Design. When I told her what I needed she responded quickly and clearly, unlike other Zen Cart...
Read More ->


Judy saved my company and site

Judy has saved my site ...I can honestly say this. We are 100% e-commerce. She has installed security upgrades for us. Extras on the site to make...
Read More ->


mobile ready

i'm mobile ready thanks to judy - she always makes it super easy to add features and improvements to my online shop
Read More ->


Judy did an amazing job!

It was pain and frustration getting our store open. We started looking and talking to different zencart designers but ultimately she was the most...
Read More ->


Who's Online

There currently are 4 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart