Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

A Vulnerability


rbartz

Recommended Posts

A few days ago hackers found a way into osC 2 that will allow them to write executable files on the host server. Obviously, this is potentially a huge problem.

 

I discovered it when Google alerted me that one of my sites was hosting a phishing program. I found the method they used to install the files and fixed my sites temporarily.

 

I watched for the last 24 hours for something about this vulnerability to be here, but nothing has come up yet.

 

Who should I try to alert to this problem? I do not want to reveal here how it is done as it could open up a lot of stores to hackers.

 

Richard

Link to comment
Share on other sites

Ok, sorry to reply to myself, but on further research I see it is a not a new problem. Only thing that amazes me is that no one is alerting folks about it...

 

Closely Related: http://www.oscommerce.com/forums/topic/348589-serious-hole-found-in-oscommerce/

 

My advice is that you had better protect your sites TODAY!

 

R

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...