osCommerce and osCMax shopping cart software forums

Shopping Cart Software

osCommerce with teeth!

 

Cart Quantity Security Flaw Patch

This is a discussion on Cart Quantity Security Flaw Patch within the New osCommerce Contributions forums, part of the osCommerce 2.2 Forums category; This potential security flaw was first spotted by ErollorD on the oscommerce forums. If you already use the Quantity Controller ...


Go Back   osCommerce and osCMax shopping cart software forums > osCommerce 2.2 Forums > New osCommerce Contributions

Cart Quantity Security Flaw Patch Cart Quantity Security Flaw Patch

Register FAQ Members List Calendar Mark Forums Read


Free community membership! Fast easy FREE membership
Reply

 

LinkBack Thread Tools
  #1  
Old 10-02-2007, 03:02 AM
michael_s's Avatar
osCMax Developer

  
Join Date: Jul 2002
Location: Phoenix, AZ
Posts: 9,577
Thanks: 65
Thanked 279 Times in 265 Posts
Rep Power: 10
michael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond reputemichael_s has a reputation beyond repute
Post Cart Quantity Security Flaw Patch
This potential security flaw was first spotted by ErollorD on the oscommerce forums.

If you already use the Quantity Controller contribution or any other that sets maximum limits to your product quantities, you probably won't need this fix.

Problem: Add an item to your cart, update the quantity to 1000000000000000
You'll notice a drastic reduce in the price!
There is probably more to this problem in the osc core, but for the time being this is a quick patch to prevent people from stealing your downloads or getting your merch for cheap.


Also posted at: http://forums.oscommerce.com/index.php?showtopic=278086

More...
__________________
Michael Sasek
osCMax Developer

osCMax Templates - Hundreds of premium quality templates. New designs every month!

xShop for osCMax - Windows Based osCMax administration. Improved workflow, security, speed and convenience

osCMax Hosting - From basic hosting to High Availability, Load Balanced arrays, the most experienced osCMax host.

Digg this Post!Add Post to del.icio.usBookmark Post in TechnoratiFurl this Post!
Reply With Quote
Reply

« Quantity Box in Product Listing v1.0 | Down For Maint v2.1 for MS2 »


Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Trackbacks are On
Pingbacks are On
Refbacks are On

Similar Threads

Thread Thread Starter Forum Replies Last Post
Shipping in shopping cart infobox and OSC checkout flaw. adiwillow osCMax v2 Customization/Mods 0 10-27-2006 03:08 AM
Blank default page after did the security patch alphaque osCMax v2 Installation issues 6 03-27-2006 02:35 AM
Security Patch osCMax 2.0RC2 warrenthewindmill osCMax v1.7 Discussion 2 12-04-2005 10:50 AM
Re: Security Patch loba osCMax v1.7 Discussion 13 03-25-2005 06:01 AM
Security patch killed pop-up function bjrafferty osCMax v1.7 Discussion 2 03-24-2005 01:13 PM


All times are GMT -8. The time now is 03:32 AM.

osCMax Home - Site Map - Top

Powered by vBulletin®
Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
SEO by vBSEO
Copyright 2008 osCMax