Guest, posted December 21, 2009

Good day all,

I just got contacted by my service provider to say that they had received an abuse report about our server. Doing some analysis, I have found a bug in osCommerce which I am sure everybody will have with their system: basically, the hackers accessed the following URL:

catalog/admin/mail.php/login.php

and gained access to all of my customers' names and email addresses. The POST URL in my log is:

catalog/admin/mail.php/login.php?action=send_email_to_user

I am pretty sure my server is now blacklisted. I have not checked, but I have noticed my email queue sitting still for emails going to comcast and yahoo email addresses.

Any help on this will be greatly appreciated!

Regards,
ChildOTK
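The poster found the attack by reading the web-server log. The following is an added example, not code from the original post or from osCommerce, of how to sweep an Apache combined-format access log for requests of the same shape: a script under the admin directory followed by extra path segments (PATH_INFO), which is how `mail.php/login.php` reaches `mail.php` while looking like `login.php`. The log lines, IP addresses and the `/catalog/admin/` prefix are constructed for the example; substitute your own admin path.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed Apache combined-format lines for the example. The first two
# mirror the request shape the poster saw; the others are ordinary traffic.
SAMPLE_LOG = """\
203.0.113.7 - - [21/Dec/2009:03:14:02 +0000] "GET /catalog/admin/mail.php/login.php HTTP/1.1" 200 5123 "-" "Mozilla/5.0"
203.0.113.7 - - [21/Dec/2009:03:14:09 +0000] "POST /catalog/admin/mail.php/login.php?action=send_email_to_user HTTP/1.1" 302 0 "-" "Mozilla/5.0"
198.51.100.4 - - [21/Dec/2009:03:20:41 +0000] "GET /catalog/admin/login.php HTTP/1.1" 200 2210 "-" "Mozilla/5.0"
198.51.100.4 - - [21/Dec/2009:03:21:00 +0000] "GET /catalog/product_info.php?products_id=31 HTTP/1.1" 200 9870 "-" "Mozilla/5.0"
203.0.113.7 - - [21/Dec/2009:03:25:13 +0000] "GET /catalog/admin/categories.php/login.php?cPath=1 HTTP/1.1" 200 4100 "-" "Mozilla/5.0"
"""

# Apache combined log: client, identity, user, [timestamp], "METHOD target PROTO", status, ...
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)

# A path whose first ".php" segment is followed by more path is carrying
# PATH_INFO: the server runs <script> and hands "/login.php" to it as extra path.
PATHINFO_RE = re.compile(r'^(?P<script>/[^?]*?\.php)(?P<path_info>/[^?]*)$')


def find_admin_pathinfo_requests(log_text, admin_prefix="/catalog/admin/"):
    """Return one record per request that targets a script under admin_prefix
    with PATH_INFO appended. Ordinary admin requests (no PATH_INFO) are skipped."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # not a combined-format line; skip rather than guess
        parts = urlsplit(m.group("target"))
        if not parts.path.startswith(admin_prefix):
            continue
        pm = PATHINFO_RE.match(parts.path)
        if not pm:
            continue
        params = parse_qs(parts.query)
        hits.append({
            "ip": m.group("ip"),
            "ts": m.group("ts"),
            "method": m.group("method"),
            "script": pm.group("script"),        # what the server executed
            "path_info": pm.group("path_info"),  # what the login check saw
            "action": params.get("action", [None])[0],
            "status": int(m.group("status")),
        })
    return hits


def attacker_ips(hits):
    """Distinct source addresses, for blocking and for the abuse-report reply."""
    return sorted({h["ip"] for h in hits})


if __name__ == "__main__":
    found = find_admin_pathinfo_requests(SAMPLE_LOG)
    for h in found:
        print(f'{h["ts"]} {h["ip"]} {h["method"]} {h["script"]} PATH_INFO={h["path_info"]} action={h["action"]}')
    print("sources:", attacker_ips(found))
```

Any hit with `method == "POST"` and an `action` parameter is a request that actually did something through the admin script, which is what to look at first when reconstructing what the attacker read or sent.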
spooks, posted December 21, 2009

This is a well-known issue. Apply all the patches given here, including these, to fix the issue:

http://www.oscommerce.com/forums/index.php?showtopic=313323

Sam

Remember, what you think I meant may not be what I thought I meant when I said it.

Contributions: Auto Backup your Database, Easy way; Multi Images with Fancy Pop-ups, Easy way; Products in columns with multi buy etc etc; Disable any Category or Product, Easy way; Secure & Improve your account pages et al.
Guest, posted December 21, 2009

Darren,

Please read this thread on how to secure your site. A site that has implemented these changes is not susceptible to the attack you mentioned.

http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/page__pid__1468212__st__270entry1468212

Chris
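Why the URL in the first post works, and what a fixed check has to do differently, as an added illustration rather than osCommerce's own code or the patch from the linked thread: the widely documented cause is that the admin gate decided whether a request was for the login page by taking the basename of the request path (PHP_SELF), which includes PATH_INFO. With `mail.php/login.php` the server executes `mail.php`, but the basename of the full path is `login.php`, so the gate lets an unauthenticated request through. The Python below models both checks; the function names and the split-at-first-`.php` resolution are assumptions made for the example, and the hardened check is meant alongside, not instead of, web-server-level protection of the admin directory.

```python
import posixpath
import re

# How a typical server resolves a request path: the first ".php" segment is
# the script, anything after it is PATH_INFO. Assumed for the example.
_SPLIT_RE = re.compile(r'^(?P<script>.*?\.php)(?P<path_info>/.*)?$')


def resolve_request(path):
    """Return (script_name, path_info) for a request path."""
    m = _SPLIT_RE.match(path)
    if not m:
        return path, ""
    return m.group("script"), m.group("path_info") or ""


def vulnerable_admin_gate(php_self, session_has_admin):
    """Model of the flawed check: the basename of the *request path* decides
    whether this is the login page. Returns True if the request is allowed."""
    if session_has_admin:
        return True
    return posixpath.basename(php_self) == "login.php"


def hardened_admin_gate(script_name, path_info, session_has_admin):
    """Decide on the script the server actually resolved, and refuse any
    PATH_INFO on the admin side so a trailing '/login.php' cannot masquerade."""
    if path_info:
        return False
    if session_has_admin:
        return True
    return posixpath.basename(script_name) == "login.php"


def compare(path, session_has_admin=False):
    """Run both gates on one request path; returns (vulnerable, hardened)."""
    script, info = resolve_request(path)
    return (vulnerable_admin_gate(path, session_has_admin),
            hardened_admin_gate(script, info, session_has_admin))


if __name__ == "__main__":
    for p in ("/catalog/admin/login.php",
              "/catalog/admin/mail.php",
              "/catalog/admin/mail.php/login.php"):
        print(p, compare(p))
```

Only the third path shows a difference: the flawed gate admits it because the request path ends in `login.php`, the hardened gate rejects it because the executed script is `mail.php` and PATH_INFO is present. Legitimate admin use is unaffected: the real login page is still reachable, and a logged-in session still passes.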
Guest, posted December 21, 2009

Sorry, I posted in a panic and so I never searched for the same problem. Thank you for your response.