Shopping Cart software | ezOSCNews| eCommerce Software » OsCommerce can send out spam via the Mailinglist function, without login.

eCommerce Shopping Cart

Call us (800) 961-7427

Home > oscommerce > OsCommerce can send out spam via the Mailinglist function, without login.

OsCommerce can send out spam via the Mailinglist function, without login.

December 22nd, 2009 admin

osCommerce Online Merchant v2.2 RC2a has bug where one can send out spam through

http://domain.com/admin/mail.php/login.php

The proposed fix for oscmax is:

http://www.oscmax.com/forums/oscmax-v1-7-discussion/20994-spam-through-admin-mail-php-login-php-action-send_email_to_user.html

The fix in OscMax is:

http://code.google.com/p/oscmax2/source/detail?r=169

Also what is going on with these files here:

http://www.oscmax.com/blog/michael_s/security_notice_oscmax_204_released

Categories: oscommerce Tags: oscommerce

Comments are closed.

Creloaded – Admin Accesss Vulnerability Security Patch Start A DropShipping Business: Part 2

Call us (800) 961-7427

Terms & Contitions

*osCommerce is a trade mark of the osCommerce Project
Copyright © 2009-2011 Shopping Cart software | ezOSCNews| eCommerce Software
ezOSC, LLC. Theme Customized by ezOSC.