Today a major vulnerability was announced in CS-Cart that affects almost all versions. We first spotted this vulnerability on Friday, May 23rd, and were on alert throughout the weekend. Thanks to the continuous monitoring of the files uploaded to our servers, none of our hosting clients were affected. We then contacted CS-Cart and gave them all the information we had about the vulnerability; after close cooperation they identified it and are expected to issue a formal announcement from their side within the next few hours.
The vulnerability affects the following versions:
2.x.x, 3.0.x, 4.0.x, 4.1.1 to 4.1.2
So far, this vulnerability has been exploited only by a bot from a US server, and on every affected site the following files were uploaded into the CS-Cart directory:
js/thumbs.php
images/test.gif
If you find these files, delete them immediately. Their presence means the bot has already reached your site, so also review the rest of the installation for other unexpected uploads.
For the time being, the fix is to delete the defective payment modules, which luckily are not used in Greece.
Please note that, in our effort to provide safer websites, we have already deleted these files for all our web hosting clients.
In case you are not our client:
1) In CS-Cart 4.0.x, 4.1.1 to 4.1.2 and Multi-Vendor 4.0.x, 4.1.1 to 4.1.2:
a) Delete the file app/payments/atos.php
b) Delete the directory app/payments/atos_files
c) Delete the file app/payments/hsbc.php
d) Delete the directory app/payments/hsbc_files
2) In CS-Cart 2.x.x and 3.0.x (all editions):
a) Delete the file payments/atos.php
b) Delete the directory payments/atos_files
c) Delete the file payments/hsbc.php
d) Delete the directory payments/hsbc_files
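The check for the two uploaded files and the removal of the atos/hsbc modules in both directory layouts can be done in one script. The one below is an added example, not code from CS-Cart or from this post; it assumes only the paths listed above (app/payments/ for 4.0.x to 4.1.2, payments/ for 2.x.x and 3.0.x), takes the CS-Cart root as its first argument, and builds a constructed sample tree for the demo rather than touching a real installation unless you point it at one.

```shell
#!/bin/sh
# Added example (not CS-Cart's or the original post's code): check one CS-Cart
# install for the files the bot uploads and remove the defective atos/hsbc
# payment modules. Assumes the layout named in the advisory:
#   app/payments/  -> CS-Cart / Multi-Vendor 4.0.x, 4.1.1-4.1.2
#   payments/      -> CS-Cart 2.x.x, 3.0.x

# List the known uploaded files present under the root $1.
# Returns 1 if any were found, 0 if the install looks clean.
cscart_find_indicators() {
    root=$1
    found=0
    for f in js/thumbs.php images/test.gif; do
        if [ -e "$root/$f" ]; then
            echo "INDICATOR: $root/$f"
            found=1
        fi
    done
    return $found
}

# Print the payment-module directory this install uses; fail if neither exists.
cscart_payments_dir() {
    root=$1
    if [ -d "$root/app/payments" ]; then
        echo "$root/app/payments"
    elif [ -d "$root/payments" ]; then
        echo "$root/payments"
    else
        echo "no payments directory found under $root" >&2
        return 1
    fi
}

# Remove atos.php, atos_files/, hsbc.php and hsbc_files/ from the install.
# Pass "dry" as $2 to only list what would be removed.
cscart_remove_modules() {
    root=$1
    mode=${2:-apply}
    pdir=$(cscart_payments_dir "$root") || return 1
    for m in atos hsbc; do
        for target in "$pdir/$m.php" "$pdir/${m}_files"; do
            [ -e "$target" ] || continue
            if [ "$mode" = dry ]; then
                echo "would remove: $target"
            else
                rm -rf -- "$target"
                echo "removed: $target"
            fi
        done
    done
    return 0
}

# Full pass on one install: report and delete the uploaded files, then
# remove the defective modules so the hole cannot be used again.
cscart_cleanup() {
    root=$1
    if ! cscart_find_indicators "$root"; then
        for f in js/thumbs.php images/test.gif; do
            [ -e "$root/$f" ] && rm -f -- "$root/$f"
        done
        echo "uploaded files deleted; review the rest of $root for other uploads"
    fi
    cscart_remove_modules "$root"
}

# Constructed sample tree for the demo (empty placeholder files, not a real
# install). "legacy" builds the 2.x/3.0.x layout, anything else the 4.x one.
cscart_demo_tree() {
    d=$(mktemp -d)
    if [ "${1:-}" = legacy ]; then p="$d/payments"; else p="$d/app/payments"; fi
    mkdir -p "$p/atos_files" "$p/hsbc_files" "$d/js" "$d/images"
    : > "$p/atos.php"; : > "$p/hsbc.php"; : > "$p/paypal.php"
    : > "$d/js/thumbs.php"; : > "$d/images/test.gif"
    echo "$d"
}

# Usage: CSCART_DEMO=1 sh cleanup.sh   (runs against the constructed tree)
#        sh cleanup.sh /path/to/cscart  (runs against a real install)
if [ "${CSCART_DEMO:-}" = 1 ]; then
    demo=$(cscart_demo_tree)
    cscart_cleanup "$demo"
    rm -rf -- "$demo"
elif [ -n "${1:-}" ]; then
    cscart_cleanup "$1"
fi
```

Run it with `dry` first (`cscart_remove_modules /path/to/cscart dry`) to see what would be deleted; unrelated modules such as paypal.php are left untouched, and the indicator check deliberately runs before the module removal so you do not lose the evidence that the site was already hit.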