CRE Loaded Community

Banner

View unanswered posts | View active topics


Board index » CRE Loaded Support » CRE Loaded 6.2

All times are UTC - 5 hours




Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 
  Previous topic | Next topic 
Author Message
Buddy
 Post subject: Attack - Javascript injected into all my files!
PostPosted: Mon Aug 09, 2010 4:01 am 
Offline
CRE Newbie

Joined: Mon Apr 19, 2010 6:55 am
Posts: 3
Quote:
** malicious code edited by moderator, please do not post code that can hurt other forum members computers, thank you


Sorry, I didn't realise it could do that from posting it on a forum! I just wanted to see if anyone might have recognised it and know how to deal with it.
Is this a first for this or has anyone else seen this happen? Is it a security flaw in 6.2 or could someone have hacked my ftp account?
Top
 Profile  
 
soundzgood2
 Post subject: Re: Attack - Javascript injected into all my files!
PostPosted: Wed Aug 11, 2010 8:17 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2211
Location: New Zealand
Buddy wrote:
Quote:
1. Is it a security flaw in 6.2 or 2. could someone have hacked my ftp account?

1. More than likely - upgrade to 6.4. These upgrades aren't just 'feature fixes', they patch some of the ongoing security probs too.
2. Yes, very possible too depending on how you run it, strength of passwords, encryption, firewalls etc
Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
Buddy
 Post subject: Re: Attack - Javascript injected into all my files!
PostPosted: Tue Aug 17, 2010 7:54 am 
Offline
CRE Newbie

Joined: Mon Apr 19, 2010 6:55 am
Posts: 3
Ok thanks.

Well, I have changed all the login & password details now. I wonder, can I just patch up to 6.4 now and continue to use the manual payment module that I have for the time being?
Top
 Profile  
 
soundzgood2
 Post subject: Re: Attack - Javascript injected into all my files!
PostPosted: Tue Aug 17, 2010 4:08 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2211
Location: New Zealand
Buddy wrote:
Ok thanks.

Well, I have changed all the login & password details now. I wonder, can I just patch up to 6.4 now and continue to use the manual payment module that I have for the time being?

Dunno - why not set up a test site of your store and try out the payment module there. If anything is going to break / cause problems, it'll be the payment module on an upgrade.

Make sure to check the Extensions area for updated payment modules too.

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 4 posts ] 

Board index » CRE Loaded Support » CRE Loaded 6.2

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
It is currently Tue Feb 07, 2012 11:32 am
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

Main Menu

Login

Top Listing

1. Cart2Cart - Shopping...
    Category: Shopping Cart Database Conversion Scripts
    
2. Points & Rewards PLUS!...
    Category: Add-Ons
    
3. Configuration Server...
    Category: Fixes
    
4. Credit Card with CCV
    Category: Payment Modules
    
5. CC7333_ATS
    Category: Templates
    
Show more...

Members Online

Follow Us on Twitter

An error occurred

Oops, an error seems to have occurred. We're sorry for any inconvenience this might have caused. If the error persists, feel free to tell us about it.

CRE Loaded Community Chat hosted by CRE Loaded.

Join now

Chat about what's on your mind. More about public chats.


© CRE Loaded is a product of Chain Reaction Ecommerce, Inc. Usage & Privacy Policy