11/27/15 Zen Cart Security Patch

25.00

Add to Cart:

1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
Requires replacing the ajax.php file with new one

Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
XSS problems are where someone can drop in executable/javascript code that can cause problems later when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php,

3. Failed customer login puts password back in input box - Severity: Low
When attempting a login with an invalid password, the resulting response contains that invalid password.
Requires patching /includes/functions/html_output.php file
 


         

Customers who bought this product also purchased...

Your header in Here

Customer Reviews


Worth Every Penny

I took a leap of faith and had my website upgraded to version 1.5.5 as well as a new "Responsive Zen Cart Template". It was worth every penny. My...
Read More ->


Dreams really do come true!

I searched a long time to find the right website designer. Having a website has been a dream of mine for a long time, and Judy has made it all...
Read More ->


Judy IS THE BOMB!

Judy is an angel...she had our website up and running over a holiday weekend! We built the main website, but ran into many problem areas, Judy fixed...
Read More ->


Judy and Zen Cart are awesome!!

Judy is so knowledgable and helpful! She was so patient throughout the whole process, and has so much technical know-how. She built my website:...
Read More ->


Judy works like a good friend will

Judy is a rare one, not only does she do her work well, but she is so honest and professional. I would recommend her to anyone who needs help on...
Read More ->


Who's Online

There currently are 4 guests online.
Copyright © 2004 - 2018 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart