Page 1 of 1
Search found 16 matches
Re: PCI Compliance issues
I did check the CVE. It was clear from the start it was a false positive, as we don't and never have used MyBB. Regardless of this, i have to convince them why it is not an issue, else i get fined by the bank. I spoke to another member of staff there, and he has agreed to drop it based on the inform...
Jump to post- Thu Feb 23, 2012 5:18 pm
- Replies 6
- Views 1885
Re: PCI Compliance issues
member.php does not exist on my server. I think what they are saying, is when they put do that GET request, they are getting a 200ok response, which i think is because of the soft 404 rewrite rule in .htaccess. RewriteRule ^(.*)\?*$ index.php?_route_=$1 [L,QSA] I think this means a 200ok response is...
Jump to post- Thu Feb 23, 2012 12:25 am
- Replies 6
- Views 1885
Re: PCI Compliance issues
Just had a reply from SM. They said the following: On the cross site scripting issue basically we are sending the request below and we are getting a 200 ok, or a positive response back. GET /member.php?action=login&url=javascript:alert%28'SAINT'%29 HTTP/1.0 Host: http://edit-removed User-Agent: ...
Jump to post- Wed Feb 22, 2012 11:44 pm
- Replies 6
- Views 1885
PCI Compliance issues
Just had Vulnerability scan from Security Metrics. We failed on the following thing. Description: MyBB member.php and newreply.php Multiple Cross Site Scripting Vulnerabilities Severity: Area of Concern CVE: CVE-2010-4522 Impact: Vulnerabilities in MyBB (also known as MyBulletinBoard) allow for SQL ...
Jump to post- Wed Feb 22, 2012 11:42 pm
- Replies 6
- Views 1885
Re: [Patch] "Please Wait" for Authnet, PP Pro, Sagepay, Perp
I used the patch a few weeks ago, which worked fine. I repatched it with the newer version of it, and the problem has returned. In retrospect i should have left it alone, but it appears the old patch was the working one. This error has returned now 2011-06-20 8:13:52 - PHP Unknown: Function split() ...
Jump to post- Mon Jun 20, 2011 5:11 pm
- Replies 44
- Views 48895
Re: [Patch] "Please Wait" for Authnet, PP Pro, Sagepay, Perp
We never experienced this problem on our old server which ran on Ubuntu 8.04LTS. We transfererred the store to a new server running Ubuntu 10.04LTS which subsequently has a newer version of php/mysql and we are now experiencing this problem. We have fallen back to sagepay form for the time being to ...
Jump to post- Sat May 28, 2011 3:30 am
- Replies 44
- Views 48895
Re: Tiling Supplies
Thanks guys. Really appreciate the comments. All very good points. I will look into all of those.
Jump to post- Fri Feb 11, 2011 12:49 am
- Replies 3
- Views 958
Tiling Supplies
http://www.tilingsupplies.co.uk has now been revamped using OpenCart. Opinions are greatly appreciated. Can i just say a big thanks to all the developers and people who provided us help and support along the way. Your development of OpenCart is very much appreciated. Donations to the project will f...
Jump to post- Sat Feb 05, 2011 9:28 pm
- Replies 3
- Views 958
Growing Images
I have some manufacturer images that are around 7Kb. When they are resized in the cache, i end up with a 75 x 75 version which is smaller size than the original but is 22Kb. I'm trying to optimise all the images to make everything load quicker, but opencart keeps making them caching much larger vers...
Jump to post- Sat Jan 29, 2011 5:29 pm
- Replies 0
- Views 349
Predefined Order Status Texts
When changing the status of an order, it would be very usefull to be able to add predefined texts to the order history.
For example telling a customer the goods are picked, when the goods are dispatched etc etc.
Would save typing a long message each time.
- Wed Jan 26, 2011 9:56 pm
- Replies 0
- Views 480
Re: Sagepay 3D Secure
I enabled it within sagepay admin, but because i use sagepay direct, it appears it has to be coded my end rather than sagepays end.
I guess if i used sagepay form, it would alleviate this, but i prefer to use direct.
- Fri Jan 21, 2011 4:27 pm
- Replies 3
- Views 1466
SEO Keywords
If the Manufacturer SEO keyword is the same as the category seo keyword, then you cannot open that category from the category list.
Maybe something should be added to say the seo keyword is already in use somewhere else so it cannot be duplicated.
- Fri Jan 21, 2011 4:16 pm
- Replies 1
- Views 615
Re: Sagepay 3D Secure
No one got any ideas?
Jump to post- Thu Jan 13, 2011 9:44 pm
- Replies 3
- Views 1466
Sagepay 3D Secure
It has been suggested by the bank that i use 3D secure when processing transactions. What needs to be done to allow this? I have enabled it from within sagepay admin, but i assume something will need to be done to opencart as well? Can anyone shed any light on this, and advise what needs to be done,...
Jump to post- Wed Jan 05, 2011 5:09 am
- Replies 3
- Views 1466
mobi-cart
www.mobi-cart.com
This looks like it could be a potentially good thing for opencart.
If open cart linked into theyre API, then we can run an iphone/android shop from opencart.
Seeing as mobile seems to be the way forward at the moment, this could only be a positive thing to add.
Dave
- Tue Aug 17, 2010 8:24 pm
- Replies 1
- Views 1440
sagepay failure
Hi Just got opencart setup with sagepay. When running this on the sagepay simulator, if a transaction is not authorised, the customer is not directed to a page explaining why the transaction was rejected. It just directs back to the original payment method page. This is confusing for customers as th...
Jump to post- Mon Jul 26, 2010 11:35 pm
- Replies 0
- Views 823
Search found 16 matches
