Page 1 of 1

How to become backend access

Posted: Thu Dec 08, 2016 4:34 am
by OSWorX
Today I've found this article at sucuri: ... login.html
It describes the way how a hacker could become access to your backend very easy - if you are using an older OpenCart version.

Re: How to become backend access

Posted: Fri Dec 09, 2016 9:05 pm
by ADD Creative
It's not if using an older version of OpenCart. It's if any version of OpenCart has been modified by malware (or maybe a third party).

Need to check to see if system/library/user.php or system/library/cart/user.php have been modified. The malware adds a # to the the front of the WHERE statements in the SQL.