Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

Hackers Adding C99 Shell Script


reboto

Recommended Posts

Posted

I am new to oscommerce and have just had the "product_info.php" replaced by a hacker's script which inserted a C99 Shell for access to the site files. That is what I have been told by the web host. I have also had instances of phishing files added to the catalog/images folder. I thought I had all permissions set correctly - but apparently something allowed them to get in. The images folder doesn't allow image display if I don't have the group access set at "execute".

 

Tech support at my web host said to look for security updates at os commerce. I haven't found any. Can someone point me in the right direction?

 

Also, could I avoid these problems by simply renaming my catalog folder (and making those changes in the configure.php files?)

 

 

Thanks

Reboto

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...