
11/27/15 Zen Cart Security Patch

25.00


1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
Requires replacing the ajax.php file with a new one.

Below are some additional lower-severity patches affecting prior versions. Review them carefully for your site so they can be merged with any existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
XSS (cross-site scripting) problems occur when someone can submit executable code, such as JavaScript, that causes problems later when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php.

3. Failed customer login puts password back in input box - Severity: Low
When attempting a login with an invalid password, the resulting response contains that invalid password.
Requires patching the /includes/functions/html_output.php file.
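A post-patch check for items 2 and 3, as an added example that is not part of the patch or of Zen Cart's code: it parses a saved response body and reports any password input that comes back pre-filled, and whether an inert marker element submitted in the order comments was rendered as real markup rather than encoded text. The marker name `zc-probe`, the form field names and all sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser


class PatchCheck(HTMLParser):
    """Collects two findings from one HTML response body."""

    def __init__(self, marker_tag):
        super().__init__(convert_charrefs=True)
        self.marker_tag = marker_tag.lower()
        self.prefilled_passwords = []  # names of password inputs carrying a value
        self.marker_rendered = False   # True if the marker parsed as an element

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        # Item 3: a password field must never be sent back with a value.
        if tag == "input" and (a.get("type") or "").lower() == "password":
            if a.get("value"):
                self.prefilled_passwords.append(a.get("name") or "?")
        # Item 2: encoded output (&lt;zc-probe&gt;) arrives as text and never
        # reaches this handler; unencoded output becomes a real start tag.
        if tag == self.marker_tag:
            self.marker_rendered = True


def check_response(html, marker_tag="zc-probe"):
    """Return both findings for one saved response body."""
    parser = PatchCheck(marker_tag)
    parser.feed(html)
    parser.close()
    return {
        "prefilled_passwords": parser.prefilled_passwords,
        "marker_rendered": parser.marker_rendered,
    }


# Constructed sample responses (hypothetical markup, not captured from a store).
UNPATCHED_LOGIN = ('<form><input type="text" name="email_address" value="a@example.test">'
                   '<input type="password" name="password" value="wrong-guess-1"></form>')
PATCHED_LOGIN = ('<form><input type="text" name="email_address" value="a@example.test">'
                 '<input type="password" name="password"></form>')
UNPATCHED_CONFIRM = '<div id="orderComments">Leave at door <zc-probe></zc-probe></div>'
PATCHED_CONFIRM = ('<div id="orderComments">Leave at door '
                   '&lt;zc-probe&gt;&lt;/zc-probe&gt;</div>')

if __name__ == "__main__":
    for name in ("UNPATCHED_LOGIN", "PATCHED_LOGIN",
                 "UNPATCHED_CONFIRM", "PATCHED_CONFIRM"):
        print(name, check_response(globals()[name]))
```

Run it against the saved login-failure page and the checkout confirmation page of your own store after merging the patches; both findings should be empty or false.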
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design