11/27/15 Zen Cart Security Patch

25.00


1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4, the /ajax.php file has a vulnerability that can be used to exploit the server under very specific conditions.
Requires replacing the ajax.php file with the new one.

Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4, an XSS problem exists with the order-comments field.
An XSS problem is one where someone can submit executable code, such as JavaScript, that causes problems later when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php.

3. Failed customer login puts password back in input box - Severity: Low
When a login is attempted with an invalid password, the resulting response contains that invalid password.
Requires patching the /includes/functions/html_output.php file.
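
Items 2 and 3 both come down to how submitted values are written back into HTML. The following PHP is an added example, not Zen Cart's code or the patch itself; the helper names `h()` and `draw_input()` and the sample POST data are hypothetical and constructed for illustration.

```php
<?php
// Added illustration; hypothetical helpers, not Zen Cart's html_output.php.

/** Encode a value for output inside an HTML attribute or element body. */
function h(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

/**
 * Render an <input>. Submitted values are echoed back so the customer does
 * not have to retype them, except for password fields, which are always
 * rendered empty so a failed login never reflects the attempted password.
 */
function draw_input(string $name, string $type, array $submitted): string
{
    $value = '';
    $isPassword = strtolower($type) === 'password';
    if (!$isPassword && isset($submitted[$name]) && is_string($submitted[$name])) {
        $value = $submitted[$name];
    }
    return sprintf('<input type="%s" name="%s" value="%s">', h($type), h($name), h($value));
}

// Constructed sample of a failed login plus an order comment containing markup.
$post = [
    'email_address' => 'shopper@example.com',
    'password'      => 'wrong-guess-123',
    'comments'      => 'Leave at door <script>alert(1)</script>',
];

// Email is repopulated; the password field comes back with value="".
echo draw_input('email_address', 'email', $post), "\n";
echo draw_input('password', 'Password', $post), "\n";

// The comment is encoded at output time, so the browser shows the markup
// as text (&lt;script&gt;...) and does not execute it.
echo '<p>', h($post['comments']), '</p>', "\n";
```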
 


         
