Search found 29 matches

Search found 29 matches

Re: [SOLVED] - Anyone know if Journal2 theme's Contact Us page is vulnerable

Thanks for the follow-up. When you say "access.log" is this an OpenCart file located somewhere within the OpenCart folder structure? Because I looked at the server's raw access log (from cPanel) to find the IP addresses (there were multiple scan/POST attempts from different people) and identified th...

Jump to post
  • Thu Apr 30, 2020 9:50 pm
  • Replies 5
  • Views 987
Re: Anyone know if Journal2 theme's Contact Us page is vulnerable

Thanks for the reply. I'm not worried about spambot attacks. I'm worried about SQL Injections or any other vulnerability that would allow the site to be compromised. She gets spam all the time. This time, the message was a threat, and I want to be sure the threat is not real.

Jump to post
  • Thu Apr 30, 2020 8:03 pm
  • Replies 5
  • Views 987
[SOLVED] - Anyone know if Journal2 theme's Contact Us page is vulnerable

I'm not sure this is the right place to post, but I'll try anyway. A friend of mine has an OC 3.0.2.0 website using the Journal2 theme. Today, she received an "Enquiry" (i.e. an email from the Contact Us page) that contained an extortion demand. The demand may or may not be real. With her permission...

Jump to post
  • Thu Apr 30, 2020 3:50 pm
  • Replies 5
  • Views 987
Re: admin/common/login.php hacked

@sandraolt, Does this mean the site had been totally cleaned and verified working? Did you find any records in the "orders" table that were identified as using the authorizenet payment method? If so, those customer's card numbers are now compromised. Same goes for pp_pro (thankfully, we used pp_stan...

Jump to post
  • Sun Nov 04, 2018 10:35 am
  • Replies 10
  • Views 10425
Re: admin/common/login.php hacked

@khnaz35, The employee passwords used on this site won't win any entropy awards, as they are relatively short (though obscure). A brute force attack, if not rate limited, would be able to break them in a relatively short time. The superuser password (mine) is significantly longer and would therefore...

Jump to post
  • Sat Nov 03, 2018 12:23 pm
  • Replies 10
  • Views 10425
Re: admin/common/login.php hacked

@agatha65 I'm using the latest release of Journal2's 2.x series. It was downloaded in August 2018. If you have any information about which file(s) were patched, I could check the source to see if I have the latest version. All of the recent updates to Journal 2 theme only reference updates to 3.x co...

Jump to post
  • Sat Nov 03, 2018 11:54 am
  • Replies 10
  • Views 10425
Re: Recent orders are showing Authorize.Net as payment gateway - I don't use it

From the timestamp on the altered files, the access to the server occurred in late August. I don't think I have any logs that go back that far. I remember looking through the raw access log for any POST activities for the affected resources, but I only had logs for October. And now that November has...

Jump to post
  • Fri Nov 02, 2018 7:13 pm
  • Replies 6
  • Views 817
Re: admin/common/login.php hacked

I dealt with this same hack yesterday. In my thread, I explain how I fixed it (but was unable to figure out how it happened in the first place).

viewtopic.php?f=202&t=207977

Jump to post
  • Fri Nov 02, 2018 4:49 pm
  • Replies 10
  • Views 10425
Re: Recent orders are showing Authorize.Net as payment gateway - I don't use it

It was very tedious, but I have managed to clean out the infection. I do not believe there is anything in the database that can trigger it again - providing the code to access the database has been cleaned. What I did was compare my core OpenCart 3.0.2 files on the hacked site to the virgin zip file...

Jump to post
  • Thu Nov 01, 2018 2:44 pm
  • Replies 6
  • Views 817
Re: Recent orders are showing Authorize.Net as payment gateway - I don't use it

Yes, Ernie, you are correct. The site has been hacked. Just trying to determine the extent of the changed source files now. Still not sure how the hack was accomplished.

Jump to post
  • Thu Nov 01, 2018 10:25 am
  • Replies 6
  • Views 817
Recent orders are showing Authorize.Net as payment gateway - I don't use it

Recently, I upgraded my store from Opencart 1.5.6.4 to Opencart 3.0.2. The conversion ran smoothly and is online. However, I've noticed since the upgrade that I have several records in my "Orders" table that do not show up in my dashboard. And among those "missing" orders are several that show "Auth...

Jump to post
  • Thu Nov 01, 2018 3:05 am
  • Replies 6
  • Views 817
Re: Anything better for product folder image searchinging

Thank you. That commercial extension does appear to work (in the admin demo). I would be interested to know what version of PHP was used for the admin demo. Some solutions for case-insensitive search use the sql_regcase command, which is no longer supported as of PHP 7.0.

Jump to post
  • Thu Aug 30, 2018 2:39 am
  • Replies 5
  • Views 496
Re: Search on image manager don't work

I have posted a reply to this general question in the Opencart 3.0 support forum. The solution method should also work for Opencart 2.x, although it may require a slight change in which lines of code are edited.

Please read my thread at viewtopic.php?f=202&t=206593

Jump to post
  • Wed Aug 29, 2018 10:19 am
  • Replies 6
  • Views 2147
Re: Image Manager Search not working properly

@straightlight Thanks for responding to my post. I had no problems with the "glob" command or its parameters. I posted a solution for a long-standing problem using the search feature of the image manager, which involved simply adding a '*' before the $filter_name. Instead of OpenCart doing a match o...

Jump to post
  • Sat Aug 25, 2018 10:01 am
  • Replies 2
  • Views 1246
[SOLVED] Image Manager Search not working properly - solution explained

Hello, I have seen this topic discussed in the OpenCart 2.0 General Support forum and have tried several free extensions which attempt to address this issue. It was after installing OpenCart 3.0.2 and experiencing the issue first hand that I took notice. It was my frustration with the situation that...

Jump to post
  • Fri Aug 24, 2018 8:27 pm
  • Replies 2
  • Views 1246
Re: Image Manager's Search Box not Working

I have had the same issue, with the image manager in OC 3.0.2 not working. After finding free extensions by OpenCart author "sonfil" that also didn't work, I analyzed them and corrected the issue with a vqmod and new helper file, which I have sent today to "sonfil". I have not tested it with any ver...

Jump to post
  • Fri Aug 24, 2018 5:24 am
  • Replies 9
  • Views 1256
Re: Anything better for product folder image searchinging

I tried clicking your link and got a 404 page. I'm interested in an extension that "fixes" search.

Jump to post
  • Wed Aug 22, 2018 7:26 am
  • Replies 5
  • Views 496
Shipping charges not being displayed - 1.5.6.4 and Journal2

I have a problem similar to the one described in this thread: http://forum.opencart.com/viewtopic.php?f=20&t=167454 My client's site is located in Ontario, Canada and uses OpenCart 1.5.6.4 with the Journal2 theme (Version 2.6.1). Their customers are predominantly in the US, but they deliver worldwid...

Jump to post
  • Sun Oct 16, 2016 3:12 pm
  • Replies 1
  • Views 304
501 Method Not Implemented when updating System info

I installed Opencart 1.5.6.4 along with a Template Monster template at domain http://www.linen-and-lavender.com I wanted to *temporarily* lift the "Maintenance Mode", so I could test the responsive template with a mobile phone emulator. When I attempted to change the Maintenance Mode setting (under ...

Jump to post
  • Tue Jan 20, 2015 4:20 pm
  • Replies 1
  • Views 704
Re: Newsletter subscription

This is probably too late for the original poster, but for anyone else, it could be useful.

The wisepops code needs to go somewhere near the end of the body of the html page. What I usually do is use vqMod to edit the footer area (where the "Powered by" code usually goes).

Jump to post
  • Mon Dec 08, 2014 5:45 pm
  • Replies 5
  • Views 897

Search found 29 matches