Guest crusehost Posted January 25, 2006 Share Posted January 25, 2006 Just to let everyone know. Today we found foreign folders and code in a CubeCart 3.06 installation we host. The content was inserted into the /images/ directory on this particular site and included php files that allowed Ebay phishing. Do yourselves a favour and check the contents of your /images/ folders for foreign folders. In this case the folder name was redirect.to.fcgi.ebay.com We recieved notice today from our upstream provider. I have since updated the clients site to 3.08 is this a bug in previous versions? If so has this been fixed? Regards, Quote Link to comment Share on other sites More sharing options...
Guest aikdo Posted January 25, 2006 Share Posted January 25, 2006 There was a vunrability found in earlier versions and it seems that your site was attacked through this vunrability where they have placed that file on your site... I earge you all again further to my posts in the past to check EVERY and ALL files and folders for scripts that shouldn't be there some of the main folders attacked are... images images/upload images/upload/thumbs includes/ includes/content includes/boxes includes/.tmp (this one is not stock and is comanly created my hackers) pear/temp pear/ they are just a few files that i have found virus/hacking tools and such like that found here... again CHECK ALL files even if you dont belive you where hacked as they may have not made it know like most script kiddies that they hacked you... Finaly 3.0.8 is alot more secure but if these files are already on your server then you are still at risk Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.