How to fix security bugs/exploit in v1.x, v2.0

treewood (OpenSolution)

Avatar: treewood

2007-03-15 23:13

"config[db_type]" Local File Inclusion Vulnerabilities
http://secunia.com/advisories/23168/

If You have register_globals set ON on Your server and QC lower then 2.1, edit all files in directories:
1. actions_client/
2. actions_admin/

Add something like this at start of all files in this directories:

if( !defined'DIR_CORE' ) )
  exit;


------------------------

"p" Cross-Site Scripting Vulnerability
http://secunia.com/advisories/23738/

1. Edit index.php
2. Find

if( !isset( $p ) || $p == '' ){
  $p  $config['start_page'];
}

and add

else
  $p htmlspecialchars$p );

Back to top

Over 32 thousand websites based on Quick.Cart and Quick.Cms. See the most interesting ones...

  • Screenshot of website aparperfume.pl
  • Screenshot of website sportowcydzieciom.pl
  • Screenshot of website jezykipodroze.pl
  • Screenshot of website powiat-wieruszowski.pl
  • Screenshot of website 4carriers.com
about us | contact