myforum Posted December 24, 2009 Share Posted December 24, 2009 Hello, I have a old OSC version and I use the addon Administration Access Level. Now I have the problem that you can see with the url "...myshop.com/admin/orders.php/login.php" my order view and this without a correct login. So you can see my orders without login. So this is a security problem. A friend told me that under http://svn.oscommerce.com/jira/browse/OSC-1001 is a solution. There is code but I don't know where I add this code. I hope you can help me how i can fix this problem. Thank you. Link to comment Share on other sites More sharing options...
Ben Nevis Posted December 24, 2009 Share Posted December 24, 2009 There are a lot of security measures to be taken to secure osc and it's not just that exploit that needs closing. Read the 'How to secure your site' thread and apply all the measures listed. www.jyoshna.com. Currently using OsC with STS, Super Download Store, Categories Descriptons, Manufacturers Description, Individual Item Status, Infopages unlimited, Product Sort, Osplayer with flashmp3player, Product Tabs 2.1 with WebFx Tabpane and other bits and pieces including some I made myself. Many thanks to all whose contributions I have used! Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.