11/27/15 Zen Cart Security Patch


    

25.00

Add to Cart:

1. Problem with /ajax.php in v1.5.4 only - Severity: High
In Zen Cart v1.5.4 the /ajax.php file has a vulnerability which can be used to cause a server exploit under very specific conditions.
Requires replacing the ajax.php file with new one

Below are some additional lower-severity patches affecting prior versions, which should be reviewed carefully for your site, to merge with existing customizations you may have made:

2. XSS problem for unsanitized comment field - Severity: Medium
In Zen Cart versions up to and including v1.5.4 an XSS problem exists with the order-comments field.
XSS problems are where someone can drop in executable/javascript code that can cause problems later when that content is output back to the screen.
Requires patching /includes/modules/pages/checkout_confirmation/header_php.php,

3. Failed customer login puts password back in input box - Severity: Low
When attempting a login with an invalid password, the resulting response contains that invalid password.
Requires patching /includes/functions/html_output.php file
 


Customers who bought this product also purchased...

Shopping Cart

Your cart is empty.

Customer Reviews

Good work!

Of all the prospective Zen Cart coders we nterviewed, Judy was the most responsive, friendly and reasonably priced. She produced the exact results...
Read More ->


Judy and Zen Cart are awesome!!

Judy is so knowledgable and helpful! She was so patient throughout the whole process, and has so much technical know-how. She built my website:...
Read More ->


I could never thank you enough!

Judy has provided me incredible service to provide my customers an awesome shopping experience! My store has had many changes and additions which...
Read More ->


Best designer I've ever used worldwide

I've used website designers from coast to coast and even overseas. Trying to move projects ahead within my budget with these other designers but all...
Read More ->


Guru Judy

I have indeed found my new guru in Judy!! She literally saved my website and my sanity. For the past year I have been on a roller coaster ride with...
Read More ->


Who's Online

There currently are 10 guests online.
Copyright © 2004 - 2020 ZenCart Ecommerce Website Design
Zen Cart Templates Zen Cart Guru
Powered by Zen Cart