rforeman
Posted October 20, 2007

The purpose of this post is primarily to report an attack that may be made through OSCommerce in case others have the same problem.

We're running OSCommerce 2.2 MS2 (060817) here: http://www.kingwestflowers.com/catalog/. We also have a brochure site here: http://www.kingwestflowers.com/. Only the brochure site index page has been hacked.

On Thursday, October 18 our site was hacked and the index page changed. We repair it daily but it reoccurs daily at 5:30 am. Our host tells us to upgrade OSCommerce.

We discovered this exploit: http://www.frsirt.com/english/advisories/2005/0171, and have fixed it with this fix: http://www.oscommerce.com/community/contributions,2976.

If anyone has experienced the same attack and has found a solution we would appreciate your advice.

Sincerely
Ron

Ron Foreman
EmpowerYou
(647) 999-8543
Skype: RonForeman

Sam666
Posted October 20, 2007

Didn't get hacked by the XSS, more like the SQL Injection, upgrade to RC1.

Guest
Posted October 20, 2007

Welcome to the "club". You got lucky. My dbase was wiped out. Recover from back-up.

ramlion
Posted July 30, 2009

The reoccurrence is likely to occur because of files still left on your server which are not your own. I suggest that you completely wipe your website from the server. Make sure that any hidden files are also wiped. Then carefully upload a clean backup. Check that any files you upload are actually yours.
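
Added example, not part of the thread: one way to do the check described in the last post is to hash every file in a known-clean backup and in the live web root, then list what exists only on the server (hidden files included), what was changed, and what is missing. The directory layout and file names in `demo()` are constructed for illustration.

```python
import hashlib
import os
import tempfile

def manifest(root):
    """Map relative path -> SHA-256 for every file under root, dotfiles included."""
    out = {}
    for dirpath, _dirs, files in os.walk(root):  # os.walk does not skip hidden entries
        for name in files:
            full = os.path.join(dirpath, name)
            rel = os.path.relpath(full, root).replace(os.sep, "/")
            with open(full, "rb") as fh:
                out[rel] = hashlib.sha256(fh.read()).hexdigest()
    return out

def compare(backup_root, live_root):
    """Return files on the live server that differ from the clean backup."""
    clean, live = manifest(backup_root), manifest(live_root)
    unknown = sorted(p for p in live if p not in clean)
    return {
        "unknown": unknown,  # present on the server, absent from the backup
        "hidden_unknown": [p for p in unknown
                           if any(part.startswith(".") for part in p.split("/"))],
        "modified": sorted(p for p in live if p in clean and live[p] != clean[p]),
        "missing": sorted(p for p in clean if p not in live),
    }

def _write(root, rel, data):
    path = os.path.join(root, *rel.split("/"))
    os.makedirs(os.path.dirname(path), exist_ok=True)
    with open(path, "wb") as fh:
        fh.write(data)

def demo():
    """Constructed sample trees; names and contents are made up for illustration."""
    with tempfile.TemporaryDirectory() as tmp:
        backup, live = os.path.join(tmp, "backup"), os.path.join(tmp, "live")
        for root in (backup, live):
            _write(root, "index.html", b"<h1>Flowers</h1>")
            _write(root, "catalog/index.php", b"<?php // shop ?>")
        _write(live, "index.html", b"<h1>changed</h1>")         # altered on the server
        _write(live, "catalog/images/.cache.php", b"<?php ?>")   # hidden, not in backup
        _write(live, "catalog/tmp.php", b"<?php ?>")             # not in backup
        return compare(backup, live)

if __name__ == "__main__":
    for kind, paths in demo().items():
        print(kind, paths)
```

Run `compare()` against a copy of the server pulled down before the wipe to see which files were not yours, and again after the re-upload, when all four lists should be empty.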
Archived
This topic is now archived and is closed to further replies.