Please whitelist cPanel in your adblocker so that you’re able to see our version release promotions, thanks!

The Community Forums

Interact with an entire community of cPanel & WHM users!

OS Commerce Exploit - What version in CP 6?

Discussion in 'General Discussion' started by sitehostz, Mar 28, 2003.

  1. sitehostz

    sitehostz Well-Known Member

    Joined:
    Nov 30, 2002
    Messages:
    66
    Likes Received:
    0
    Trophy Points:
    156
    Location:
    Delaware
    osCommerce is a widely installed open source shopping e-commerce solution. Some XSS (cross-site scripting) problems exist in versions of osCommerce prior to 3/14/2003 that allows an attacker to inject arbitrary HTML code into a web page.
    An attacker could guide the victim to a specially crafted URL that, when followed, would send the cookie to the attacker.
    With the cookie of a user, an attacker would be able to hijack his account.

    Has Cpanel updated this and has a fix been included?

    Regards,
    Chris Bunting
     
Loading...

Share This Page

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice