Hi i quit smoking 8 days ago via an ego and some wicked dk juice (uhg)
Anywho nothing special in this post besides a general explanation of why peoples cards are being stolen and how to protect yourself.
Quite a few vendors are using old outdated or just plain insecure shopping carts on there website heres a list (not complete) of some of the most easiest to exploit software's currently out they allow everything from price and inventory manipulation to full dumps of credit cards and user data bases. Scary...
What you can do to protect yourself
Step one : Use a dedicated online shopping prepayed card ( this also helps with impulse buys) and or use paypal when allowed to by site owners.
Step two : shop on sites you trust. (Nothing more you can really do its on the site owners to secure there shopping carts.)
What site owners can do.
Hire someone to take a look at your current security if your not overly technical minded or have any doubts and keep your software upgraded.
Heres the shortlist of carts that have HUGE secuity holes that alow everything from remote uploads to downloading your entire databases
if you use this software you need to upgrade anything without a version number is currently exploitable and there are no security uptates that patch these holes. change carts now!
AJ Shopping Cart v1.0
Comersus 8 Shopping Cart
Valdersoft Shopping Cart
Interspire Shopping Cart
DevMass Shopping Cart
osCommerce and osCMax shopping cart
Multi-Vendor E-Commerce
XT-Commerce v1 Beta 1
Tochin Ecommerce
E-commerce Group
webperformance Ecommerce
Speedy-shop
ECShop
phpscripte24 Live Shopping Multi Portal System
GeneShop
ShopSystem
Online Shop
PhPepperShop Webshop
ShopCartDx
Shopxp v7.4
TomatoCart 1.0.1
After Shopping Cart
ZeusCart Ecommerce Shopping Cart Software
sX-Shop
This list is far from complete if you would like me to look at your site and notify you of any java injections or XSS holes ill gladly take a look for you. (hopefully this hasn't been covered here if so sorry for the wall of text.
Anywho nothing special in this post besides a general explanation of why peoples cards are being stolen and how to protect yourself.
Quite a few vendors are using old outdated or just plain insecure shopping carts on there website heres a list (not complete) of some of the most easiest to exploit software's currently out they allow everything from price and inventory manipulation to full dumps of credit cards and user data bases. Scary...
What you can do to protect yourself
Step one : Use a dedicated online shopping prepayed card ( this also helps with impulse buys) and or use paypal when allowed to by site owners.
Step two : shop on sites you trust. (Nothing more you can really do its on the site owners to secure there shopping carts.)
What site owners can do.
Hire someone to take a look at your current security if your not overly technical minded or have any doubts and keep your software upgraded.
Heres the shortlist of carts that have HUGE secuity holes that alow everything from remote uploads to downloading your entire databases
AJ Shopping Cart v1.0
Comersus 8 Shopping Cart
Valdersoft Shopping Cart
Interspire Shopping Cart
DevMass Shopping Cart
osCommerce and osCMax shopping cart
Multi-Vendor E-Commerce
XT-Commerce v1 Beta 1
Tochin Ecommerce
E-commerce Group
webperformance Ecommerce
Speedy-shop
ECShop
phpscripte24 Live Shopping Multi Portal System
GeneShop
ShopSystem
Online Shop
PhPepperShop Webshop
ShopCartDx
Shopxp v7.4
TomatoCart 1.0.1
After Shopping Cart
ZeusCart Ecommerce Shopping Cart Software
sX-Shop
This list is far from complete if you would like me to look at your site and notify you of any java injections or XSS holes ill gladly take a look for you. (hopefully this hasn't been covered here if so sorry for the wall of text.
