Security »

8
Vote
There is a new article about a popular PHP e-commerce application, OpenCart, which is vulnerable to CSRF attacks but the creator isn't acknowledging the problem. The article highlights the problem with the inexperienced developers and how it is easy for a developer to create web applications but put thousands of businesses at risk. The PHP community is asked on how an issue like this could be handled.
Posted by bmaynard 185 days ago (http://abcphp.com)
5 Comments  | Bury | Tweet This | Tagged: php security opencart csrf | Add To 

Who Voted for this Story

  1. Avatar bmaynard

Comments


Written by girish.r
184 days ago
Are the OpenCart developers aware of it?
- 0 +



Written by bmaynard
184 days ago
Yes, did you see the blog post? I posted the email transcript that I had with the developer.
- 1 +



Written by girish.r
184 days ago
Ok, Yesterday I did take a look at opencart and its looks promising.
- 0 +



Written by blueyon
180 days ago
Show / Hide
- -1 +



Written by girish.r
180 days ago
May be you should make a note of it in your blog. BTW I love opencart.
- 0 +



Written by blueyon
180 days ago
Show / Hide
- -2 +



Written by blueyon
180 days ago
stop wasting my time with this silly hack. you have not explained to the people that for it to work you will need to be logged into your admin and visit a suspect web page that links directly to your opencart admin.
- 0 +



Log in to comment or register here.