Loaded Commerce Community

Banner

View unanswered posts | View active topics


Board index » CRE Loaded Support » CRE Loaded 6.3

All times are UTC - 5 hours




Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 
  Previous topic | Next topic 
Author Message
bsaltd
 Post subject: CRE 6.3 vulnerability
PostPosted: Wed Jun 15, 2011 3:35 am 
Offline
CRE Newbie
User avatar

Joined: Mon Sep 13, 2010 9:54 am
Posts: 13
I understand that there is a vulnerabilty in the 6.3/6.4.0 admin system (fixed in 6.4.1a) that can give people access to the admin system. The bug is identified by trying to access admin/orders.php/login.php if you don't see the login screen, aparently you have a problem.

I understand that there is a fix available, which is not too complex to implement.

I have one client on 6.3 who does not pay for support or want an upgrade, but I would like to fix this if it is not too complex.

Can anyone give me details of the fix?

Thanks
Top
 Profile  
 
soundzgood2
 Post subject: Re: CRE 6.3 vulnerability
PostPosted: Wed Jun 15, 2011 5:02 pm 
Offline
CRE Legend
User avatar

Joined: Thu Jun 12, 2008 6:39 am
Posts: 2405
Location: New Zealand
Sure: http://www.codemehappy.com/2010/10/admi ... sed-carts/

Simon

_________________
www.codemehappy.com
For Cre Loaded tips, how-to articles and more

Top
 Profile  
 
Display posts from previous:  Sort by  
Post new topic Reply to topic  Page 1 of 1
  [ 2 posts ] 

Board index » CRE Loaded Support » CRE Loaded 6.3

All times are UTC - 5 hours


Who is online

Users browsing this forum: No registered users and 1 guest

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Jump to:  
It is currently Thu May 24, 2012 1:23 pm
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group

Main Menu

Login

Forums Latest Activity

Top Listing

1. Cart2Cart - Shopping...
    Category: Shopping Cart Database Conversion Scripts
    
2. Points & Rewards PLUS!...
    Category: Add-Ons
    
3. Configuration Server...
    Category: Fixes
    
4. Credit Card with CCV
    Category: Payment Modules
    
5. CC7333_ATS
    Category: Templates
    
Show more...

© CRE Loaded is a product of Chain Reaction Ecommerce, Inc. Usage & Privacy Policy