Post by OSWorX » Thu Dec 08, 2016 4:34 am

Today I've found this article at sucuri: https://blog.sucuri.net/2016/12/unrestr ... login.html
It describes the way how a hacker could become access to your backend very easy - if you are using an older OpenCart version.

Image


User avatar
Expert Member

Posts

Joined
Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by ADD Creative » Fri Dec 09, 2016 9:05 pm

It's not if using an older version of OpenCart. It's if any version of OpenCart has been modified by malware (or maybe a third party).

Need to check to see if system/library/user.php or system/library/cart/user.php have been modified. The malware adds a # to the the front of the WHERE statements in the SQL.

ADD Creative - Web development and e-commerce development, Milton Keynes or Christchurch, UK
ADD Filtration - HVAC Panel Filters, Bag Filters and HEPA Filters


Active Member

Posts

Joined
Sat Jan 14, 2012 1:02 am
Who is online

Users browsing this forum: No registered users and 10 guests