9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


Judy is an "Angel"

Judy is an "Angel"! She rescued us from so much frustration and wasted time that we encountered from previous "companies". It's so nice to get...
Read More ->


10+ Year Satisfied Customer!

Judy at: https://zencart-ecommerce-website-design.com, has always been the best we can find to make changes, Updates, and modifications to out...
Read More ->


Awesome job Judy

Judy, thank you very much for the work you did to my website. it looks great, and it does everything that you said it would. I will be calling on...
Read More ->


#1 Professional company to work with!

Zen cart review: for zencarthostingservice.com and zencart-ecommerce-website-design.com LOOK NO FURTHER! Because you will get the best of the best...
Read More ->


Seamless Upgrade

Judy, Just a note to you and your team on the great job you did upgrading my website to the latest Zencart version. I appreciate your...
Read More ->


Who's Online

There currently are 11 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart