mightyx

Security Risk reported by gambio.de may also appear to OSC 2.x

Some days ago gambio.de reported a security hole in their shop software which also occurs in xt:commerce and other osCommerce-based shop systems.

As I found out, the security hole may also appear in some versions of osCommerce. Here's a patch for those who want to be safe (besides that, I strongly recommend securing the admin area with htaccess!).

 

In /catalog/admin/whos_online.php just after:

while ($whos_online = tep_db_fetch_array($whos_online_query)) {

 

add the following line of code:

   $whos_online['last_page_url'] = htmlentities($whos_online['last_page_url']);

 

Could one of the developers please check and confirm?

 

All credits go to gambio.de, great job guys!

Could you please link to the full report.

@burt, @mightyx

 

The first v2.3.3.1 osCommerce release fix prevents the hack. Gambio's fix is very similar.

 

 

Parse REQUEST_URI with tep_db_prepare_input() before storing the value in the database. Replace REMOTE_ADDR with tep_get_ip_address().


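The output-escaping patch from the first post (the 2.3.3.1 change quoted above sanitises the same REQUEST_URI value on its way into the database), shown as an added example that is not code from osCommerce or from either poster. The rows, the row layout and the helper names are constructed for the demo; only htmlentities() is the real call the patch relies on.

```php
<?php
// Added example, not osCommerce's own code: why the stored last_page_url
// must be escaped before admin/whos_online.php echoes it, and how the
// htmlentities() line from the thread neutralises a stored payload.

// Constructed sample rows, shaped like what tep_db_fetch_array() returns.
// The second visitor's REQUEST_URI carried markup and was stored verbatim.
$sample_rows = array(
    array('full_name' => 'Guest', 'ip_address' => '192.0.2.10',
          'last_page_url' => '/catalog/index.php?cPath=22'),
    array('full_name' => 'Guest', 'ip_address' => '192.0.2.11',
          'last_page_url' => '/catalog/index.php?cPath=22"><script>alert(1)</script>'),
);

// The line the first post adds, with explicit flags: ENT_QUOTES also encodes
// single quotes, so the value is safe inside an href attribute as well.
function escape_last_page_url($url) {
    return htmlentities($url, ENT_QUOTES, 'UTF-8');
}

// Render one row of the admin table (hypothetical layout) with the patch applied.
function render_whos_online_row(array $row) {
    $url = escape_last_page_url($row['last_page_url']);
    return '<tr>'
         . '<td>' . htmlentities($row['full_name'], ENT_QUOTES, 'UTF-8') . '</td>'
         . '<td>' . htmlentities($row['ip_address'], ENT_QUOTES, 'UTF-8') . '</td>'
         . '<td><a href="' . $url . '">' . $url . '</a></td>'
         . '</tr>';
}

// Defender-side check: the only tags allowed in a rendered row are the ones
// the template itself writes (tr, td, a), and the only double quotes are the
// two around the href. Anything else means a stored value reached the page raw.
function row_is_safe($html) {
    $unexpected_tag = preg_match('/<(?!\/?(tr|td|a)\b)/', $html);
    return $unexpected_tag === 0 && substr_count($html, '"') === 2;
}

foreach ($sample_rows as $row) {
    $html = render_whos_online_row($row);
    echo $html, "\n";
    echo row_is_safe($html) ? "  safe\n" : "  UNSAFE: raw markup reached the page\n";
}
```

Running it shows the second row rendered as `...cPath=22&quot;&gt;&lt;script&gt;alert(1)&lt;/script&gt;`, which the browser displays as text instead of executing; dropping the escape_last_page_url() call makes the same check report UNSAFE.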