11/27/15 Zen Cart Security Patch

25.00

Add to Cart:

1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
Requires replacing the ajax.php file with new one

Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
XSS problems are where someone can drop in executable/javascript code that can cause problems later when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php,

3. Failed customer login puts password back in input box - Severity: Low
When attempting a login with an invalid password, the resulting response contains that invalid password.
Requires patching /includes/functions/html_output.php file
 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


Judy your the best!

We wanted to build another ZenCart site. Got into it and got lost. Thankfully, we found Judy. We emailed her a brief description of where...
Read More ->


5 Star Rating

No, I take that back, she gets a 10 Star rating!!! I have been in business a long time and used a lot of IT people during that time, but Judy...
Read More ->


JUDY!!!

I have gone through hell and back trying to find someone to help me get my website up and running properly. By the grace of god, I found Judy and...
Read More ->


Judy saved my company and site

Judy has saved my site ...I can honestly say this. We are 100% e-commerce. She has installed security upgrades for us. Extras on the site to make...
Read More ->


Two Days!

After a year of fighting with two different web developers, I had an unusable web site. I found Judy on the ZenCart partner list. In TWO DAYS she...
Read More ->


Who's Online

There currently are 10 guests online.
Copyright © 2004 - 2019 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart