11/27/15 Zen Cart Security Patch


1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
Requires replacing the ajax.php file with a new one.

Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
An XSS problem is one where someone can submit executable JavaScript code that causes problems later, when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php.

3. Failed customer login puts password back in input box - Severity: Low
When attempting a login with an invalid password, the resulting response contains that invalid password.
Requires patching the /includes/functions/html_output.php file.
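
One way to confirm that item 3 is fixed on your own site is to audit the HTML returned after a failed login. The following is an added example, not part of the Zen Cart patch; the two sample responses and the field names in them are constructed for illustration.

```python
import html
from html.parser import HTMLParser

class _InputAudit(HTMLParser):
    """Flag <input> elements that carry a secret back to the browser."""
    def __init__(self, submitted):
        super().__init__(convert_charrefs=True)
        self.submitted = submitted
        self.findings = []

    def handle_starttag(self, tag, attrs):
        if tag != "input":
            return
        a = {k: (v or "") for k, v in attrs}  # values arrive entity-decoded
        name, value = a.get("name", "?"), a.get("value", "")
        if a.get("type", "text").lower() == "password" and value:
            self.findings.append((name, "password field is pre-filled"))
        elif self.submitted and self.submitted in value:
            self.findings.append((name, "submitted password echoed in value"))

def audit_login_response(body, submitted_password):
    """Return (field, reason) pairs; an empty list means nothing was echoed."""
    parser = _InputAudit(submitted_password)
    parser.feed(body)
    parser.close()
    findings = list(parser.findings)
    # Fall back to a whole-body check in case the echo is outside a form field.
    if not findings and submitted_password in html.unescape(body):
        findings.append(("(body)", "submitted password appears in response"))
    return findings

# Constructed sample data (hypothetical field names, not captured from a real site).
SUBMITTED = "Wr0ng&Guess!"
BEFORE_PATCH = ('<form name="login">'
                '<input type="text" name="email_address" value="shopper@example.com" />'
                '<input type="password" name="password" value="Wr0ng&amp;Guess!" />'
                '</form>')
AFTER_PATCH = ('<form name="login">'
               '<input type="text" name="email_address" value="shopper@example.com" />'
               '<input type="password" name="password" />'
               '</form>')

if __name__ == "__main__":
    for label, body in (("before", BEFORE_PATCH), ("after", AFTER_PATCH)):
        print(label, audit_login_response(body, SUBMITTED))
```

Feed it the body of the response your store returns after a deliberately wrong login, using a throwaway password value.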
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design