9/12/15 Security Fix all Zen Cart Versions

25.00

Add to Cart:

This security fix is regarded as low risk because hacker would need to have admin access.

The popup page for additional images e.g. index.php?main_page=popup_image_additional accepts a GET parameter for products_image_large_additional.

Using a crafted URL an attacker can determine (via the html returned) whether a specific file exists on the server.  This flaw does not indicate the attacker can ACCESS the file, just find out if it exists on the server.
 

If you would like to install this fix yourself, instructions are included on the official Zen Cart website.  You may also visit the site to get technical details of this risk

 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


5 Star Rating

No, I take that back, she gets a 10 Star rating!!! I have been in business a long time and used a lot of IT people during that time, but Judy...
Read More ->


Judy IS THE BOMB!

Judy is an angel...she had our website up and running over a holiday weekend! We built the main website, but ran into many problem areas, Judy fixed...
Read More ->


Judy Gunderson saved my bacon!

Judy Gunderson saved my bacon! Actually, she saved my store database, putting it back together after a series of unfortunate incidents in which...
Read More ->


Judy's THE best!!

Judy's the absolute best! I called her one day and the next day, our Zen upgrade was complete, switched over and running properly!! It would have...
Read More ->


Genius

The best money that I have ever spent. My website had been at a standstill for the past 3 months...Judy was able to take my list+ (I constantly...
Read More ->


Who's Online

There currently are 7 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart