Post by OSWorX » Thu Dec 08, 2016 4:34 am

Today I've found this article at sucuri: ... login.html
It describes the way how a hacker could become access to your backend very easy - if you are using an older OpenCart version.

Full Stack Web Developer :: Dedicated OpenCart Development & Support DACH Region
Contact for Custom Work / Fast Support.

User avatar
Guru Member


Mon Jan 11, 2010 10:52 pm
Location - Austria

Post by ADD Creative » Fri Dec 09, 2016 9:05 pm

It's not if using an older version of OpenCart. It's if any version of OpenCart has been modified by malware (or maybe a third party).

Need to check to see if system/library/user.php or system/library/cart/user.php have been modified. The malware adds a # to the the front of the WHERE statements in the SQL.

Active Member


Sat Jan 14, 2012 1:02 am
Location - United Kingdom
Who is online

Users browsing this forum: No registered users and 1 guest