Post by tingwing » Mon Feb 19, 2018 6:18 pm

hi
if scan, there is "asp.net padding oracle"

how to fix it?

Thanks

my extension:https://www.opencart.com/index.php?rout ... estshop24h
email :support@bestshop24h.com
site:http://www.bestshop24h.com


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by straightlight » Tue Feb 20, 2018 1:29 am

What does this topic even mean exactly? More information is needed. Have you also looked on Google for this message?

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON

Post by tingwing » Tue Feb 20, 2018 1:03 pm

if scan website "opencart3.0.2+journal2.6.1 "
show "ASP.NET Padding Oracle" vulnerability

Detail:http://www.bundeio.com/WebResource.axd?d=1519024651
response:{"header":"HTTP/1.0 500 Internal Server Error
Date: Mon, 19 Feb 2018 07:17:41 GMT
Server: Apache/2.4.18 (Ubuntu)
Set-Cookie: OCSESSID=0524485a75240bd2acb2d1fa1a; path=/, OCSESSID=0524485a75240bd2acb2d1fa1a; path=/
Content-Length: 153
Connection: close
Content-Type: text/html; charset=UTF-8
"}
request:{"body":"","header":"GET /WebResource.axd?d=1519024651 HTTP/1.1
Cookie: OCSESSID=0524485a75240bd2acb2d1fa1a; currency=USD; language=en-gb
Host: www.bundeio.com
Connection: Keep-Alive
Accept-Encoding: gzip, deflate
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.71 Safari/537.36
"}
target:"http://www.bundeio.com/WebResource.axd"
url:http://www.bundeio.com/WebResource.axd?d=1519024651

my extension:https://www.opencart.com/index.php?rout ... estshop24h
email :support@bestshop24h.com
site:http://www.bestshop24h.com


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by tingwing » Thu Feb 22, 2018 12:27 pm

I got this notification from alipay ,who scan the website before allow me to enable alipay payment.

my extension:https://www.opencart.com/index.php?rout ... estshop24h
email :support@bestshop24h.com
site:http://www.bestshop24h.com


Active Member

Posts

Joined
Tue Aug 02, 2016 9:01 pm

Post by straightlight » Thu Feb 22, 2018 6:52 pm

Since you're using Journal2, revert back to the default theme and redo a transaction from alipay noticing if this issue can be reproduced. If not, contact the Journal2 support.

Dedication and passion goes to those who are able to push and merge a project.

Regards,
Straightlight
Programmer / Opencart Tester


Legendary Member

Posts

Joined
Mon Nov 14, 2011 11:38 pm
Location - Canada, ON
Who is online

Users browsing this forum: No registered users and 19 guests