Guest Posted February 18, 2012 Share Posted February 18, 2012 Hello I did a quick scan of my osCommerce site with w3af to see if there were any security holes or vurls. When the scan completed it found a cross site request forgery vurl in the index.php and the advanced_search_result.php scripts. As you all know this is not good and I thought I would bring it to the developers and communities attention. Thanks! :) Link to comment Share on other sites More sharing options...
Guest Posted February 18, 2012 Share Posted February 18, 2012 @@QsoftStudios You would have to look at those files and determine what the vulnerable code is and then fix it. Without seeing the code, we can't help Chris Link to comment Share on other sites More sharing options...
Guest Posted February 18, 2012 Share Posted February 18, 2012 @@QsoftStudios You would have to look at those files and determine what the vulnerable code is and then fix it. Without seeing the code, we can't help Chris I am in the process of doing that now I will update you when I find the vulnerable part of the code. Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.