Attention

If your Photo Cart is suddenly returning a 500 error or only displaying a blank page, then you or your hosting company have updated PHP to version 7, which Photo Cart is not compatible with (and will not be made compatible with), mainly because PHP 7 removed the old mysql_ functions in favour of the mysqli_ functions.

You would need to have the PHP version downgraded to 5.6 in order for Photo Cart to work. If downgrading PHP is not possible, you may have to update Photo Cart to the last version of 7. Download Photo Cart 7 upgrade files. Upgrade instructions.

Photo Cart was retired in 2015. Check out Sytist.


Major Sql Injection Security Problem

t
4 posts
Mon Jun 23, 14 7:24 AM CST
Hi there,

We run Photo Cart for a client and we have had a major MySQL injection attack on the website multiple times in the last week alone. We're running an older version of Photo Cart (Version: 5.1.5), and cannot upgrade to the latest version as the admin area is now inaccessible.

What table is the registration key stored in in the MySQL database? This is the only way we can retrieve this key.

Each time the attackers have been successful, and Photo Cart seems to have little/no built-in protection against MySQL injection. At first the attackers were changing links/navigation, and it has now moved on to full-blown JavaScript injection into the tables that redirects away from the website.

I would sincerely hope that Photo Cart 7 has addressed these security flaws?

Regards,
Nik
Tremendous Marketing
t
4 posts
Mon Jun 23, 14 11:42 AM CST
After upgrading to Photo Cart 7, we are now able to get into the admin and have realised that they had injected javascript redirection into the galleries, the name of the website and the invoice header as well as presumably other places.

Is there a database cleaner or something similar in place to strip data out?

Also again, is Photo Cart 7 more secure against MySQL injection? If not this is a major security flaw that can have very damaging outcomes to all of your customers.

Luckily we do have a backup of the database from Friday afternoon, but I imagine many of your customers aren't tech-savvy or don't think to do regular backups.

Regards,
Nik
Tremendous Marketing
16,266 posts (admin)
Mon Jun 23, 14 2:51 PM CST
There was an injection vulnerability in version 5.1.5 (which is very old) that was fixed with version 5.2.3. Photo Cart 7 has no vulnerabilities that I am aware of and has been in use well over a year and a half.
Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
t
4 posts
Mon Jun 23, 14 5:58 PM CST
So this thread posted today about being hacked: http://www.picturespro.com/support-forum/photo-cart/?t=15158-hacked

Is that an old version also?

269 posts
Tue Jun 24, 14 6:49 AM CST
Most sites getting hacked are the result of weak FTP passwords. This is especially true of the hacks which traverse a site to "take over" all index.php files across a site without touching other files.
R
32 posts
Wed Jun 25, 14 7:59 AM CST
Hi Dave,
It's nothing to do with FTP passwords.
It's a MySQL injection attack. When I googled the hackers, they have managed to take down a few Photo Cart sites.
269 posts
Wed Jun 25, 14 8:58 AM CST
What version of Photo Cart are (were) you running when this occurred?
R
32 posts
Wed Jun 25, 14 9:29 AM CST
See the OP post. We are now running 7 but are still having issues.
Edited Wed Jun 25, 14 9:29 AM by Ross Grieve
J
3 posts
Wed Jun 25, 14 2:00 PM CST
Any update on a solution? Our photo cart site is down as well.
D
2 posts
Wed Jul 16, 14 11:31 PM CST
I also upgraded to v7.1.0 based on the security email suggestion (my site had been hacked), and now I can see my new v7 administration screens, but my actual customer galleries still jump to a site that says "hacked". Any suggestions would really be appreciated, I'm dead in the water.

Dave
16,266 posts (admin)
Thu Jul 17, 14 8:48 AM CST
Most likely a gallery name or some text has been changed to a script redirect code. You should check the gallery titles in your admin if you can and look for one that was changed.

Tim Grissett, DIA - PicturesPro.com
My Email Address: info@picturespro.com
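Tim's advice above (look through gallery titles and other text fields for one that has been replaced with a script redirect) and Nik's earlier question about a "database cleaner" both come down to the same job: walk every text column in the database, flag values that contain injected markup, and optionally strip it after preserving the original. The script below is an added example written for this thread, not Photo Cart's own code or a tool from PicturesPro. It uses an in-memory SQLite database with constructed `galleries` and `settings` tables as a stand-in for a Photo Cart MySQL dump (the table and column names, and the `example.invalid` URLs, are all assumptions); against a real database you would point the same scan at a `mysql.connector` cursor instead.

```python
import re
import sqlite3

# Patterns that should never appear in a gallery title, site name or invoice header.
SUSPICIOUS = [
    (re.compile(r"<script\b", re.I), "script tag"),
    (re.compile(r"<iframe\b", re.I), "iframe"),
    (re.compile(r"\b(?:window|document)\.location\b", re.I), "JS redirect"),
    (re.compile(r"javascript:", re.I), "javascript: URI"),
    (re.compile(r"\bon(?:load|error|click)\s*=", re.I), "inline event handler"),
    (re.compile(r"<meta[^>]+http-equiv=['\"]?refresh", re.I), "meta refresh"),
    (re.compile(r"(?:eval|unescape|String\.fromCharCode)\s*\(", re.I), "obfuscation call"),
]
QUARANTINE_TABLE = "quarantine"   # originals are copied here before any row is rewritten


def classify(value):
    """Return the labels of every suspicious pattern found in one column value."""
    return [label for rx, label in SUSPICIOUS if rx.search(value)]


def text_columns(conn, table):
    """Names of the columns declared as a character/text type (SQLite PRAGMA table_info)."""
    return [row[1] for row in conn.execute(f'PRAGMA table_info("{table}")')
            if any(t in (row[2] or "").upper() for t in ("CHAR", "TEXT", "CLOB"))]


def scan_database(conn):
    """Walk every text column of every table and report values matching SUSPICIOUS."""
    findings = []
    tables = [r[0] for r in conn.execute(
        "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name")]
    for table in tables:
        if table == QUARANTINE_TABLE:
            continue  # the quarantine copy of the originals is expected to look bad
        for col in text_columns(conn, table):
            for rowid, value in conn.execute(
                    f'SELECT rowid, "{col}" FROM "{table}" ORDER BY rowid'):
                if value is None:
                    continue
                labels = classify(value)
                if labels:
                    findings.append({"table": table, "column": col, "rowid": rowid,
                                     "labels": labels, "snippet": value[:60]})
    return findings


# <script>...</script> and <iframe>...</iframe> blocks, plus any unclosed leftovers.
BLOCK_ELEMENTS = re.compile(r"<(script|iframe)\b[^>]*>.*?</\1\s*>", re.I | re.S)
BARE_TAGS = re.compile(r"<(script|iframe)\b[^>]*/?>", re.I)


def neutralize(value):
    """Strip injected script/iframe markup and defuse javascript: links."""
    value = BLOCK_ELEMENTS.sub("", value)
    value = BARE_TAGS.sub("", value)
    return re.sub(r"javascript:[^\"']*", "#", value, flags=re.I)


def clean_database(conn, findings):
    """Copy each flagged value into the quarantine table, then overwrite it cleaned."""
    conn.execute(f'CREATE TABLE IF NOT EXISTS "{QUARANTINE_TABLE}" '
                 "(src_table TEXT, src_column TEXT, src_rowid INTEGER, original TEXT, labels TEXT)")
    changed = 0
    for f in findings:
        table, col, rowid = f["table"], f["column"], f["rowid"]
        (original,) = conn.execute(
            f'SELECT "{col}" FROM "{table}" WHERE rowid = ?', (rowid,)).fetchone()
        conn.execute(f'INSERT INTO "{QUARANTINE_TABLE}" VALUES (?, ?, ?, ?, ?)',
                     (table, col, rowid, original, ", ".join(f["labels"])))
        conn.execute(f'UPDATE "{table}" SET "{col}" = ? WHERE rowid = ?',
                     (neutralize(original), rowid))
        changed += 1
    conn.commit()
    return changed


def build_sample_db():
    """Constructed stand-in for a compromised Photo Cart database (not real data)."""
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE galleries (id INTEGER PRIMARY KEY, title VARCHAR(255), description TEXT);
        CREATE TABLE settings (id INTEGER PRIMARY KEY, name VARCHAR(64), value TEXT);
    """)
    conn.executemany("INSERT INTO galleries (title, description) VALUES (?, ?)", [
        ("Smith Wedding", "Photos from June"),
        ('Senior Portraits<script>window.location="http://example.invalid/hacked"</script>',
         "Class of 2014"),
        ("Family Shoot", 'See also <a href="javascript:void(0)">more</a>'),
    ])
    conn.executemany("INSERT INTO settings (name, value) VALUES (?, ?)", [
        ("site_name", "Example Studio"),
        ("invoice_header", '<iframe src="http://example.invalid/x" width="0" height="0"></iframe>Invoice'),
        ("footer", "Copyright Example Studio"),
    ])
    conn.commit()
    return conn


if __name__ == "__main__":
    db = build_sample_db()
    hits = scan_database(db)
    for h in hits:
        print(f'{h["table"]}.{h["column"]} rowid={h["rowid"]}: {h["labels"]} | {h["snippet"]!r}')
    print("rows cleaned:", clean_database(db, hits), "| remaining:", len(scan_database(db)))
```

Run the scan first and read the report before cleaning: a regex strip removes the visible payload but cannot tell you how it got there, so the real fix is still the one the thread arrives at (patch the injection hole by upgrading, restore from a known-good backup where one exists, and keep the quarantine rows as evidence of which fields were touched).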
D
2 posts
Thu Jul 17, 14 10:14 PM CST
Thanks Tim, that helped a lot. I did find (through phpMyAdmin) that one of the gallery titles had been changed to a script, and also that my custom header and footer had been changed. Hopefully that's all of it...
12 total messages
This post has been viewed 1,375 times
Category: Bug