Go Back   vb.org Archive > Community Central > Community Lounge

Reply
 
Thread Tools Display Modes
  #11  
Old 06-12-2004, 06:44 AM
welo welo is offline
 
Join Date: Jan 2004
Location: Portland, Oregon
Posts: 172
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by matthepepe
x-cart has a ton of security problems right now. Even if they would sell to you stay away from it until they get things fixed.
I'm working with an X-Cart Pro right now I'm installing for a client who needs a complex store solution. Where exactly did you get this info? the script looks pretty solid to me and I find nothing to outright confirm this allegation (other than people might be risking running new versions which are specifically unapproved for a live environment).
Reply With Quote
  #12  
Old 06-12-2004, 12:53 PM
matthepepe matthepepe is offline
 
Join Date: Jan 2002
Posts: 42
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

read there forums http://forum.x-cart.com/ , people even running the latest stable versions are getting hacked. And the worst one someone paid 300 bucks to x-cart to have all the latest security updates and still got hacked. Read around their fraud prevention forum its ugly.
Reply With Quote
  #13  
Old 06-12-2004, 03:48 PM
welo welo is offline
 
Join Date: Jan 2004
Location: Portland, Oregon
Posts: 172
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Yeah, I read all that. Just like I read the Feb 19 security advisory saying, "I can't stress the importance of this enough, if you are on x-cart below 3.5.X please please make sure you've done the above," and all of the stuff Here.

Yet I still see nothing with the latest version of the X-Cart script a few ordinary security precautions can't handle (like renaming your admin dir f.ex. - anyone who hasn't done this already with their VB is just begging for it). I'm working with the 3.5.8 version of X-Cart right now and see no reason to be overly concerned. Most of the flags right now are coming from people who are outright speculating at this point because they don't understand how PHP works (although I do see a few whose hosts don't know how to secure their shared servers).

I do admit the guy who paid for the security upgrade has a valid beef though .
Reply With Quote
  #14  
Old 06-13-2004, 06:51 AM
SaN-DeeP's Avatar
SaN-DeeP SaN-DeeP is offline
 
Join Date: Jun 2002
Location: Mumbai, India
Posts: 1,195
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default

Quote:
Originally Posted by Logician
Weird thing.

But you don't need it if you live in India. You have the most brilliant computer programmers in the world so I'm sure you can find a better local software.
those brilliant people, charge 10 times as compared to people frm othre countries
worst thing


How is Oscommerce in terms of security.
been long time, havent heard anything abt them..

and what abt big merchants like.
http://www.rowcal.com/
http://www.computerbrain.com/
http://www.buycyberpc.com/
http://www.pcavailable.com/
http://www.axiontech.com/
http://www.allstarshop.com/
http://www.logiccircle.com/
http://us-depot.com/
http://www.gameve.com/
etc. etc.

what package do they use ?? or they have customized solutions

Sandy...
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 03:04 AM.


Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2024, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.03547 seconds
  • Memory Usage 2,191KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (2)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (4)post_thanks_box
  • (4)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (4)post_thanks_postbit_info
  • (4)postbit
  • (4)postbit_onlinestatus
  • (4)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 

Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 

Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_postinfo_query
  • fetch_postinfo
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete