Find spam-vulnerable osCommerce scripts

gvard

Greetings from Greece,

Many clients that use osCommerce haven't performed the necessary updates, and spammers may use contact_us.php to send spam e-mails via injection.

Can anyone offer any solution to search all hosting accounts on the server for vulnerable osCommerce contact_us.php pages via shell?


Thanks! :)
 

AndyReed

gvard said:
OK, and which of those filters are for the osCommerce contact_us.php problem? Is it the "osCommerce XSS" section?
Tracking down spammers and what scripts they use to go through your server is not an easy job. Are you sure the problem is osCommerce only and doesn't include other scripts?
 

gvard

Hello,

Of course one can never be sure that everything is OK and spammer-free, but right now I want to be able to apply this fix:

http://www.oscommerce.com/community/bugs,3279/status,open/page,2

I want to find out somehow which contact_us.php files are vulnerable and then notify the clients of the changes they have to make.
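
One way to run the search asked for in this thread, as an added example that is not part of the original posts. It assumes accounts live under a common root such as /home, that an osCommerce contact_us.php can be recognised by its call to tep_mail(), and that a patched file contains some CR/LF handling; the function names and PATCH_MARKER are hypothetical.

```shell
#!/bin/sh
# Added example: list osCommerce contact_us.php files that show no sign of
# CR/LF filtering on the form input, so their owners can be notified.

# Assumption: a patched file references \r, \n or %0a/%0d somewhere.
# Override PATCH_MARKER with a string taken from the fix you actually apply.
PATCH_MARKER=${PATCH_MARKER:-'(\\r|\\n|%0[aAdD])'}

# find_unpatched_contact_us ROOT
# Prints one path per line for each contact_us.php under ROOT that calls
# tep_mail() (osCommerce's mail helper) but does not match PATCH_MARKER.
find_unpatched_contact_us() {
    root=$1
    find "$root" -type f -name 'contact_us.php' 2>/dev/null | sort |
    while IFS= read -r f; do
        # Skip contact forms that are not osCommerce's
        grep -q 'tep_mail' "$f" || continue
        # Report files with no CR/LF handling at all
        grep -Eq "$PATCH_MARKER" "$f" || printf '%s\n' "$f"
    done
}

# account_of PATH ROOT
# Prints the first path component below ROOT (the hosting account name).
account_of() {
    rel=${1#"$2"/}
    printf '%s\n' "${rel%%/*}"
}

# Example run (assumed layout: /home/<account>/public_html/...):
#   find_unpatched_contact_us /home | while IFS= read -r p; do
#       printf '%s\t%s\n' "$(account_of "$p" /home)" "$p"
#   done
```

The default marker is only a heuristic: a file that mentions \n for an unrelated reason is treated as patched, so a string unique to the applied fix gives a more reliable list.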