osCMax Security Update - XSS flaw patched

An XSS security flaw has been found in osCMax, specifically the printable catalog module. The flaw is in all 2.0 versions, including RC3, RC3.0.1, RC3.0.2, and RC4 SVN.


osCMax Security Update - Arbitrary Upload Exploit

A security hole was found in osCMax 2.0 RC 3.0.1 that allows a remote attacker to upload files to your site via a browser.


osCMax Development Update 9/17/08

We are nearing a public release of osCMax2.0 RC4. It has been available via the SVN repository for some time now, but not packaged and released for general public usage.


There have been a lot of updates this week that really push the new version closer to being declared stable.


osCMax Template System explained

There are always a few posts every month in the forums asking the the same basic questions about the osCMax template system.


osCMax Development Update: Admin Panel Upgrades

Weekly Update 5-4-08

This week, I have put a lot of effort into some of the admin panel features that have not been updated in a very long time. The following have been added or upgraded:


osCMax Development Update : Order Editor, Manual Order Maker

Code Updates


Today the Order Editor and Manual Order Maker in the osCMax admin panel were fully updated in the RC4 development branch. This code can be obtained from the SVN repository .


Ajax Search Suggestions

I just integrated this of my site Ajax Search Suggestions www.discounthandpowertools.co.uk I used
The osC_AJAX_Suggest_Package & Search_Box_Anywhere_22_November_2005 packages
And played with the code and come up with this.
I have created couple of buttons includes PNG files
any suggestion or more ideas would be good.

osCMax Development Update : Fully updated installer, Easypopulate and more

Weekly Update

Continuing the trend of more commits to the SVN repository for osCMax RC4, I have finished updating the installer for osCMax.


osCMax Install Script update : register_globals off

I am just about finished the code changes to update the osCMax installer to no longer require register globals to be on.

Algozone tempates site hacked

It looks like Algozone's web site was defaced by a hacker on 4/18/08. I believe they were using an older version of CRE-Loaded to run their site.

This is what was left of their site:

Hack By
[email protected]

Hopefully they will switch to osCMax :)

Syndicate content
User List