Affordable end to end oscommerce solutions with
Search Engine Optimization

Email : osCommerceCoders@gmail.com
Call : +1 818-574-3596 (USA) / +44 (020) 8123-6463 (UK)

Iframe codes in oscommerce stores

Posted by admin On July - 30 - 2009

There has been a recent increase of attacks on osCommerce websites using old versions.

Hackers exploit a vulnerability that is usually used for uploading product pictures to the /images directory.

Php files are uploaded in the images directory and executed.

CUstomer and order details are displayed and also emailed to the hackers email address.

Sometimes traces are left by the hacker.
PHP files show up in the images directory (though sometimes they’re deleted after being run).

Gengerally, the following code iframe is added to every product_description and categories_description

We have a process to clean up the database and clean up the images directory

150 USD