I have been using CS-Cart now for over a year on several webstores and have never seen anything like this… I am using CS-Cart v1.3.5. On this webstore, if you click on the “Register” link in the Cart side box it displays the Register page. However, personal customer information is displaying for the field labels instead of the standard field labels. Yikes!
A screenshot is attached. Has anyone else seen this behavior before? I have no idea how to go about looking into, or resolving this. Does anyone have any ideas or suggestions?
Thank you in advance, Mark
Some additonal info: I had to take the website down temporarily for obvious reasons. The .tpl file for this page has not been modified at all - it’s all CS-Cart created code. I checked in the admin tool → Manage Languages area and this personal information does not appear for any of the field label variables…
Any help/suggestions would be MOST appreciated!
Thanks, Mark
OMG - This is happening in the Admin Tool as well on the Customer Profile page, see the attached screenshot…
Help please! - Mark
[URL]http://www.domain.com/admin.php?target=profile_fields[/URL]
You need to change the profile fields.
Oh… and upgrade.
My web host provider (SiteGround) help me with this. Yes, this personal information was stored in the cscart_profile_field_descriptions DB table.
But the real question is how did personal information make it into this table to begin with? This should never happen. This is EXTREMELY concerning to me, and raises the question as to how reliable this version of CS-Cart really is :(. Is this is a known issue in CS-Cart?
Also, how do I go about upgrading CS-Cart to the latest patch/version? Is there some information/help on doing this properly somewhere? I wouldn’t want to mess this up - I don’t trust my database backup files all that much…
Thanks, Mark
From all the threads I’ve read on cs-cart, it seems like siteground is a very unsecured host since mostly all cs-cart sites being hosted there have been hacked…
gpro - I did several searches and did not see anything about SiteGround hosted websites being hacked. Can you point me to one or more of them… I am concerned about what you have said obviously…
I have over a dozen websites hosted with SiteGround now and have never had a single problem. Their response time to support requests is AWESOME, the best I have ever seen by far. Less than 1/2 hour usually.
This problem REALLY looks like a CS-Cart problem to me. Why would a hacker go in and put data into a cscart profile table? That makes 0 sense to me…
Thanks for your response, Mark
[url]http://forum.cs-cart.com/showpost.php?p=32346&postcount=9[/url]
[url]http://forum.cs-cart.com/showpost.php?p=24560&postcount=16[/url]
There’s 2 posts that mention users hosted with siteground being hacked.
Not saying it’s siteground, but it does raise a question about sitegrounds security.