Post by tingwing » Mon Feb 19, 2018 6:18 pm

hi
if scan, there is "asp.net padding oracle"

how to fix it?

Thanks

my email :support@bestshop24h.com
my wechat:bestshop24h
my free extension:https://www.opencart.com/index.php?rout ... estshop24h


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by straightlight » Tue Feb 20, 2018 1:29 am

What does this topic even mean exactly? More information is needed. Have you also looked on Google for this message?

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.

F. Rules:

- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804


Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by tingwing » Tue Feb 20, 2018 1:03 pm

if scan website "opencart3.0.2+journal2.6.1 "
show "ASP.NET Padding Oracle" vulnerability

Detail:http://www.bundeio.com/WebResource.axd?d=1519024651
response:{"header":"HTTP/1.0 500 Internal Server Error
Date: Mon, 19 Feb 2018 07:17:41 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: OCSESSID=0524485a75240bd2acb2d1fa1a; path=/, OCSESSID=0524485a75240bd2acb2d1fa1a; path=/
Content-Length: 153
Connection: close
Content-Type: text/html; charset=UTF-8
"}
request:{"body":"","header":"GET /WebResource.axd?d=1519024651 HTTP/1.1
Cookie: OCSESSID=0524485a75240bd2acb2d1fa1a; currency=USD; language=en-gb
Host: www.bundeio.com
Connection: Keep-Alive
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
"}
target:"http://www.bundeio.com/WebResource.axd"
url:http://www.bundeio.com/WebResource.axd?d=1519024651

my email :support@bestshop24h.com
my wechat:bestshop24h
my free extension:https://www.opencart.com/index.php?rout ... estshop24h


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by tingwing » Thu Feb 22, 2018 12:27 pm

I got this notification from alipay ,who scan the website before allow me to enable alipay payment.

my email :support@bestshop24h.com
my wechat:bestshop24h
my free extension:https://www.opencart.com/index.php?rout ... estshop24h


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by straightlight » Thu Feb 22, 2018 6:52 pm

Since you're using Journal2, revert back to the default theme and redo a transaction from alipay noticing if this issue can be reproduced. If not, contact the Journal2 support.

The most generated errors being found on Opencart forum originates from contributed programming. The increased post counters are caused by redundancies of the same solutions that were already provided prior.

F. Rules:

- viewtopic.php?f=176&t=200480
- viewtopic.php?f=176&t=200804


Regards,
Straightlight


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Who is online

Users browsing this forum: No registered users and 7 guests