Telah Dianugerahkan

Urgent: need to reactivate closed x cart store and solve patch installation error

Our store at [url removed, login to view] is temporarily closed. By temporarily closing the store, we no longer have access to our admin panel. We first need help determining how to reopen our store.

Second, after installing a patch recommended by x cart this morning, we receive the following error. Further below is the email regarding the x cart patch that was recommended to us.

Please see error:

$HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false; $HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false; $HTTP_HOST = isset($_SERVER['HTTP_HOST']) ? addslashes($_SERVER['HTTP_HOST']) : false; Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 72

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 74

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 83

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 84

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 91

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/func/[url removed, login to view] on line 1582

Warning: Cannot modify header information - headers already sent by (output started at /usr/www/users/philroth/JR/store/[url removed, login to view]) in /usr/www/users/philroth/JR/store/include/[url removed, login to view] on line 162

We have an urgent need to fix our patch installation recommended by X-Cart, see below:

Dear X-Cart customer,

During internal audit activities we found minor security issue that make X-Cart potentially vulnerable to attackers who wish to gain access to the application back-end.

Qualiteam has released the security update which includes the following improvements:

4.1.x branch:

-some known problems related to anonymous accounts

-protection from unallowed access to back-end, using queries (formed in a special way) has been added

4.2.x - 4.4.x branches:

Security improvement for server variables and [url removed, login to view] script

SEVERITY

Minor

IMPACT ON 4.1.x versions

A malicious user can gain access to address info for anonymous accounts.

A malicious user can gain access to the application back-end.

IMPACT ON 4.2.x - 4.4.x versions

A malicious user can gain access to the application back-end with a complex SQL injection

AFFECTED VERSIONS

All X-Cart versions

SOLUTION

We recommend you to apply the security fix to secure your store.

To apply this patch, follow the instructions below:

1) Download the patch (the security-patch-2012-04-05_{version}.tgz archive file) from the "File area" section of your Qualiteam account.

You can find the patch at

X-Cart -> X-Cart supporting files for prev versions -> {Your X-Cart branch} -> {Your X-Cart version} -> Updates and patches

2) Decompress the archive file.

The following files/folders will be extracted:

/DIFF-xcart - contains DIFF files for patching customized X-Cart files

/README - this README file

/xcart - contains already patched X-Cart files

[url removed, login to view] - contains all DIFF files from the DIFF-xcart folder, combined into one file

Note:

DIFF file is a file that contains differences between two files. In our case, DIFF file contains changes made to the current file compared to the former version of the same fil

Kemahiran: Troli Membeli-belah

Lihat lebih lanjut: www x cart com, qualiteam x cart, qualiteam, problems of internal audit, make a cart, information audit, how to solution, how to find problems, find the solution to, audit file, archive problems, find current address, account closed, www audit com, need an audit, vulnerable, urgent need php, sql injection, solve some, solve php error, security patches, security audit, prev, patching, patch

Tentang Majikan:
( 0 ulasan ) Springfield, United States

ID Projek: #1558696

1 pekerja bebas membida secara purata $25 untuk pekerjaan ini

AtlanticSoft

Hired by the Employer

$25 USD / jam
(45 Ulasan)
6.6