mtmike Posted July 8, 2008 Share Posted July 8, 2008 A client of mine has an osCommerce store that's been working great for nearly 2 years. She was hosting with GoDaddy (and we know how great they are) :blink: Last month, they shut the site down and said a security vulnerability was discovered, but wouldn't give any indication as to which folder/file, etc., so we switched hosts. Fast-forward to today, a hacker uploaded an IRS phishing page and spammed it out to a bunch of people. After a battle with repeatedly deleting the folder and changing permissions on the folder that it kept getting uploaded to, the entire catalog directory was deleted. Luckily, I'm a good webmaster and just re-uploaded the site from backup. The database was left untouched, and the attempts to re-upload the page have ceased, for now. Does anybody have any idea where this security exploit is in OSC and if there is a patch available for it? Thanks Link to comment Share on other sites More sharing options...
This topic is now archived and is closed to further replies.