Fixes multiple high-risk vulnerabilities in Zen cart

Vulnerability 1

<Form ID = "frmupload" enctype = "multipart/form-Data" Action = "http: // www. ****. COM/Editors/FCKeditor/Editor/filemanager/upload/PHP/upload. PHP? Type = Media "method =" Post ">
Upload a new file: <br>
<Input type = "file" name = "newfile" size = "50"> <br>
<Input id = "btnupload" type = "Submit" value = "Upload">
</Form>

It is dangerous to directly upload files to the images folder of the website.

Solution: Delete the fck editor and use another editor.
Alternatively, find the Editors/FCKeditor/Editor/filemanager/upload/PHP/upload. php file.
In
Require ('config. php ');
Require ('util. php ');
Add the followingCode----------

// Prevent external submissions
Function outsidepost ()
{
$ Servername = $ _ server ['server _ name'];
$ Sub_from = @ $ _ server ['HTTP _ referer'];
$ Sub_len = strlen ($ servername );
$ Checkfrom = substr ($ sub_from, 7, $ sub_len );
If ($ checkfrom! = $ Servername ){
Echo ("You Don't outsidepost! ");
Exit;
}
}
Outsidepost ();

Vulnerability 2

If the local file is leaked, you can directly obtain the code of the configuration file replicdes/configure. php.

Open http: // www. ****. com/extras/ipn_test_return.php and report an error
Obtain the website physical path

Http: // www. ***. com/extras/curltest. php? Url = file: // the physical path of the website/schemdes/configure. php
The code for getting the configuration file maid/configure. php is obtained directly.

Solution: Delete the entire extras folder in the root directory.

Vulnerability 3

The most widely used LightInTheBox templates on the Internet
The submitted link at http: // www. ****. com/link.html is directly displayed on the homepage.

Solution:
Find the includesmodulessideboxeslightintheboxlinks_box.php file.
In the code

where lD. required age_id = '". (INT) $ _ session ['AGES _ id']. "'
Add and L. links_status = '2'
OK