Jump to content
Latest News: (loading..)

Archived

This topic is now archived and is closed to further replies.

Taipo

OSCommerce v3.0.2 - Persistent Cross Site Vulnerability

Recommended Posts


- Stop Oscommerce hacks dead in their tracks with osC_Sec (see discussion here)
- Another discussion about infected files ::here::
- A discussion on file permissions ::here::
- Site hacked? Should you upgrade or not, some thoughts ::here::
- Fix the admin login bypass exploit here
- Pareto Security: New security addon I am developing, a remake of osC_Sec in PHP 5 with a number of fixes
- BTC:1LHiMXedmtyq4wcYLedk9i9gkk8A8Hk7qX

Share this post


Link to post
Share on other sites

I notice the downloads page still doesn't have a warning on it

 

http://www.oscommerce.com/solutions/downloads

 

Just had yet another customer who had downloaded it and was tryingto use it live.

 

It just gives osc a bad reputation!!

 

Cheers

 

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

At least it looks like osc is being developed without the warning. It doesnt matter that people new to osc are downloading it, finding it doesnt work and going somewhere else.


REMEMBER BACKUP, BACKUP AND BACKUP

 

Find information about the bootstrap community version here

 

Make it idiot proof and someone will make a better idiot.

Share this post


Link to post
Share on other sites

LOL

 

I do hope that is a tongue in cheek comment!!

 

G


Need help installing add ons/contributions, cleaning a hacked site or a bespoke development, check my profile

 

Virus Threat Scanner

My Contributions

Basic install answers.

Click here for Contributions / Add Ons.

UK your site.

Site Move.

Basic design info.

 

For links mentioned in old answers that are no longer here follow this link Useful Threads.

 

If this post was useful, click the Like This button over there ======>>>>>.

Share this post


Link to post
Share on other sites

×