
osCMax Security Update - XSS flaw patched

This is a discussion on osCMax Security Update - XSS flaw patched within the Announcement Discussions forums, part of the osCmax News and Announcements category.

      
  1. #11
    osCMax Developer

    michael_s's Avatar
    Join Date
    Jul 2002
    Location
    Phoenix, AZ
    Posts
    19,501
    Rep Power
    567


    Re: osCMax Security Update - XSS flaw patched

    This is for osCMax only, not osCommerce.

    If you have installed the mod Printable Catalog into your standard osCommerce shop, go to addons.oscommerce.com and download the v3.6 printable catalog mod and use it to update your site.

    If you have not installed Printable Catalog on your shop, this does not apply to you.


    Quote: Originally Posted by ecom
        FTP upload the included file to the /catalog/templates/fallback/content/ directory, overwriting the existing file.

        I'm using the oscommerce-2.2rc2a .. didn't find template directory .. so ..
        where do I overwrite the file?

    Michael Sasek
    osCMax Developer


    osCmax installation service - Have our professionals install osCmax on your server - same day service!
    osCmax 2.0 User Manual - the must have beginners guide to osCmax v2.0

    Stay Up To Date with everything osCMax:
    Free osCMax Newsletters - Security notices, New Releases, osCMax News
    osCMax on Twitter - Up to the minute info as it happens. Know it first.

    osCmax Documentation

  2. #12
    New Member
    Join Date
    Nov 2007
    Posts
    5
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    Thanks a lot for the patch, but thanks for using pm also

  3. #13
    jpf
    osCMax Testing Team
    jpf's Avatar
    Join Date
    Sep 2003
    Location
    Manitoba, Canada
    Posts
    2,688
    Rep Power
    22


    Re: osCMax Security Update - XSS flaw patched

    Quote: Originally Posted by ecom
        FTP upload the included file to the /catalog/templates/fallback/content/ directory, overwriting the existing file.

        I'm using the oscommerce-2.2rc2a .. didn't find template directory .. so ..
        where do I overwrite the file?

    This is an osCMax release! Not an osCommerce RC2 release ----- they don't have/use templates.
    JPF - osCMax Forum Moderator - To contact, post on the forum or click here
    Try out our osCMax at: Live Catalog Demo
    Limited access Admin: Live Admin Demo
    Feel free to add products the way you want and then purchase them -=+=- Sorry nothing will be billed or shipped!

  4. #14
    New Member
    Join Date
    Dec 2008
    Posts
    19
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    Thanks for the security message--- file updated and works great!

  5. #15
    Lurker
    Join Date
    Jul 2008
    Posts
    4
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    Many thanks for the pm and the speedy fix - much appreciated!

  6. #16
    Lurker
    Join Date
    Nov 2004
    Posts
    2
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    Hello Michael,

    Sorry about the post to your Profile Page - Didn't know I should post this in the forum.


    Trying to install the security fix dated Jan. 27, 2009.

    Cart version v2.2 RC2 installed via Cpanel.

    I don't see the path or file name via ftp.

    /catalog/templates/fallback/content/

    When viewing the cart I don't see a printable catalog link either.

    Thanks,
    Steve Boyd
    Tucson, Arizona

  7. #17
    Member mfleeson's Avatar
    Join Date
    Aug 2004
    Location
    Lindisfarne, UK
    Posts
    40
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    Hey Chevelle

    The fix is only for oscmax users. 2.2RC2 is an oscommerce release so doesn't have templates.

    Best Wishes

    Mark

  8. #18
    osCMax Developer

    michael_s's Avatar
    Join Date
    Jul 2002
    Location
    Phoenix, AZ
    Posts
    19,501
    Rep Power
    567


    Re: osCMax Security Update - XSS flaw patched

    Steve, like Mark said, osCommerce 2.2RC2a is not affected by this security problem unless you manually added the Printable Catalog (any version prior to v3.6 which is the patch we released) to your osCommerce store.

    If you are not using osCMax, and don't have printable catalog installed, you are safe from this one.
    Michael Sasek
    osCMax Developer



  9. #19
    Lurker
    Join Date
    Aug 2008
    Posts
    1
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    thanks thanks

  10. #20
    New Member
    Join Date
    Dec 2006
    Posts
    7
    Rep Power
    0


    Re: osCMax Security Update - XSS flaw patched

    if this isn't fixed on the site, would it allow someone to upload files to your site - we recently had a site compromised and we're trying to figure out how they got in.
