How to fix three high-risk vulnerabilities in Zen Cart 1.38a

Vulnerability 1
 
<Form id = "frmUpload" enctype = "multipart/form-data" action = "http://www.bkjia.com/editors/fckeditor/editor/filemanager/upload/php/upload. php? Type = Media "method =" post ">
Upload a new file: <br>
<Input type = "file" name = "NewFile" size = "50"> <br>
<Input id = "btnUpload" type = "submit" value = "Upload">
</Form>
 
It is dangerous to directly upload files to the images folder of the website.
 
Solution: Delete the FCK editor and use another editor.
Alternatively, find the editors/fckeditor/editor/filemanager/upload/php/upload. php file.
In
Require ('config. php ');
Require ('util. php ');
Add the following code -----------------------------
 
// Prevent external submissions
Function outsidepost ()
{
$ Servername = $ _ SERVER ['server _ name'];
$ Sub_from = @ $ _ SERVER ['HTTP _ referer'];
$ Sub_len = strlen ($ servername );
$ Checkfrom = substr ($ sub_from, 7, $ sub_len );
If ($ checkfrom! = $ Servername ){
Echo ("you don't outsidepost! ");
Exit;
}
}
Outsidepost ();
 
Vulnerability 2
 
If the local file is leaked, you can directly obtain the code of the configuration file replicdes/configure. php.
 
An error is reported when http://www.bkjia.com/extras/ipn_test_return.php is opened.
Obtain the website physical path
 
 
Http://www.bkjia.com/extras/curltest. php? Url = file: // the physical path of the website/schemdes/configure. php
The code for getting the configuration file maid/configure. php is obtained directly.
 
Solution: Delete the entire extras folder in the root directory.
 
Vulnerability 3
 
Most zencart templates used on the Internet
The submitted link in http://www.bkjia.com/link.html is displayed directly on the home page
 
Solution:

Find the replicdes/modules/sideboxes/lightinthebox/links_box.php file.
In the code
WHERE ld. cmdage_id = '". (int) $ _ SESSION ['AGES _ id']."'
Add and l. links_status = '2'

You can.