lauracone Posted October 7, 2007 Share Posted October 7, 2007 Is this a bug that I can get rid of by uploading a new version of OS commerce? Please let me know. Has to do with the catalog file. Best to all Laura Help if any one knows a fix for this problem please notify me at [email protected] I haven't a clue how to fix the os commerce site and I don't want to do anything with the hosted site until this can get fixed. Thanks a bunch laura Exploit file in Xp(1).htm Ok the virus looks like it came from ip # 70.129.142(1).htm my husband just showed me how to find the virus file. We have just confirmed the problem. AVG captured the virus on our end as well. The root of the problem is the outdated version of osCommerce you have installed under your hosting account. Hackers managed to exploit a security flaw in osCommerce and gained virtually full access to your hosting account. They uploaded a web shell (/www/www/catalog/install1/admin.php; /www/www/catalog/install1/Admin.txt) which allowed them to make changes to your files. They included javascript code in several of your .htm files which actually call the virus. The bad news is that the web site intrusion happened a long time ago and we do not have a backup from which we can restore a safe copy of your web site. We only keep our daily backups for seven days and the unauthorized access to your hosting account appears to have been gained a couple of months ago. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.