Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

oscommerce vulnerability?


pamamolf

Recommended Posts

Posted

Error log:

 

[21-Jul-2010 00:15:11] PHP Warning: session_start() [<a href='function.session-start'>function.session-start</a>]: Cannot send session cookie - headers already sent by (output started at /home/hackmark/public_html/includes/configure.php:31) in /home/hackmark/public_html/includes/functions/sessions.php on line 102

[21-Jul-2010 00:15:11] PHP Warning: session_start() [<a href='function.session-start'>function.session-start</a>]: Cannot send session cache limiter - headers already sent (output started at /home/hackmark/public_html/includes/configure.php:31) in /home/hackmark/public_html/includes/functions/sessions.php on line 102

[21-Jul-2010 00:15:11] PHP Warning: Cannot modify header information - headers already sent by (output started at /home/hackmark/public_html/includes/configure.php:31) in Unknown on line 0

 

 

They found a way to add this code at the bottom of every php file...

 

Is there a way to not allow that?

Posted

Dimitris,

 

You should have read this:

 

http://www.oscommerce.com/forums/topic/313323-how-to-secure-your-site/

 

and this:

 

http://www.oscommerce.com/forums/index.php?showtopic=340995

 

 

If you had applied the security patches and installed some of the security contributions, the hacker would have had a much harder time hacking apart your site.

 

But, since there was no security you will need to restore a known good back up and then apply the security measures above.

 

 

Chris

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...