osCommerce scripts under attack


Seems that some kiddies are still using some old exploits to deface websites. In the last 2 days I have noticed lots of logs from defacing attempts that are logged by my daily stat plugin.

dailystat log

Seems that attackers are looking for an osCommerce bug found in Nov 2010 that allows an attacker to upload files to the remote server.
For those interested, here is the bug and the fix.
Edit this file:

/admin/includes/application_top.php

Find this line :

$current_page = basename($PHP_SELF);

Replace with :

$current_page = basename($_SERVER['SCRIPT_NAME']);

More about this here : http://addons.oscommerce.com/info/8003
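
The fix works because $PHP_SELF can carry extra path text appended after the script name in the request, while $_SERVER['SCRIPT_NAME'] leaves it out. The following is an added example, not part of the original post or of osCommerce: a small Python check that flags such requests in an access log. It assumes the Apache/nginx "combined" log format and an admin directory named admin; the sample lines and page names are constructed.

```python
import re
from urllib.parse import unquote

# Request part of an Apache/nginx "combined" access-log line (assumed format).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) .*?"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})'
)

# Constructed sample lines: documentation IP ranges, made-up page names.
SAMPLE_LOG = [
    '203.0.113.7 - - [12/Mar/2012:10:01:02 +0000] "GET /admin/login.php HTTP/1.1" 200 1532 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [12/Mar/2012:10:01:05 +0000] "POST /admin/some_page.php/other.php?action=save HTTP/1.1" 200 811 "-" "libwww-perl/5.8"',
    '203.0.113.9 - - [12/Mar/2012:10:01:09 +0000] "GET /admin/some_page.php%2Fother.php HTTP/1.1" 302 0 "-" "libwww-perl/5.8"',
    '198.51.100.4 - - [12/Mar/2012:10:02:11 +0000] "GET /catalog/index.php/extra HTTP/1.1" 200 4096 "-" "Mozilla/5.0"',
]

def suspicious_admin_requests(lines, admin_dir="admin"):
    """Return admin requests that carry extra path text after the .php script."""
    # Shape: /<admin_dir>/<script>.php/<tail>. basename($PHP_SELF) would see the
    # tail, basename($_SERVER['SCRIPT_NAME']) would see the real script.
    tail_re = re.compile(
        rf'/{re.escape(admin_dir)}/(?P<script>[^/]+\.php)(?P<extra>/.+)$',
        re.IGNORECASE,
    )
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not a request line in the assumed format
        # Drop the query string, then decode %2F so encoded slashes are caught too.
        path = unquote(m.group("target").split("?", 1)[0])
        t = tail_re.search(path)
        if t:
            hits.append({
                "ip": m.group("ip"),
                "method": m.group("method"),
                "script": t.group("script"),
                "extra": t.group("extra"),
                "status": int(m.group("status")),  # 200 here deserves a closer look
            })
    return hits

if __name__ == "__main__":
    for hit in suspicious_admin_requests(SAMPLE_LOG):
        print(hit)
```

If the admin directory has been renamed, pass its name as admin_dir.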
