9/12/15 Security Fix all Zen Cart Versions


    

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Genius

The best money that I have ever spent. My website had been at a standstill for the past 3 months...Judy was able to take my list+ (I constantly...
Read More ->


Great coder and good prices

Thanks for all your help!
Read More ->


Judy is Truly the ZenCart Guru

Judy took on the massive task of moving my web store from a godaddy server to a new server, upgrading ZenCart to the latest version, giving the site...
Read More ->


Thank you Judy the Zen Cart Guru

I don’t generally write reviews, but Judy is the exception. She and her team took my old antique website, moved it into Zen Cart, gave the site a...
Read More ->


My Angel

My Angel

I wasted 2 weeks of my precious working time TRYING to figure out what I needed to learn to achieve my goal of moving to a new server, upgrading my...
Read More ->


Who's Online

There currently are 4 guests online.
Copyright © 2004 - 2022 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart