Jump to content

Anonymous Bounced Emails From Shop


Guest lcools

Recommended Posts

This morning I received 30-35 emails (all sent within 14 minutes) titled: 'Mail failure - no recipient addresses' that seem to be from my server.

The emails are blank shop order forms that start like this:

Dear ,

Thank you for your order no: 999999%'/**/or/**/basket=(SELECT(IF((ASCII(SUBSTRING(password,1,1))=55),benchmark(2000000,sha1('suntzu')),0))/**/FROM/**/CubeCart_admin_users/**/WHERE/**/isSuper=1)/* placed on Dec 31 1969, 19:00 PM

The transaction was successful and we will ship your goods right away (within next shipping day) and confirm once that's done.

I checked my shop's stats and admin logs. Nothing seems unusual there.

I have 3.0.8 and use mail() because smtp would not work after many tries.

Does anyone have any idea whats going on?

Thanks~

Leila

Link to comment
Share on other sites

It happened again last night, but 850+ times. I've had lots of spam attacks on this website (webforms) but how are they accessing the order confirmation form?

I have no idea if this is a cubecart or hostfile issue?

Anyone, please?

Link to comment
Share on other sites

Hi...Thanks,

I'm on a Mac so I don't have the option of Winmerge. Past upgrades were basically a reinstall. I an't possibly do that until after Christmas. I'm hoping to get through December and upgrade, or buy #4, in January.

Just need to know what's going on.

Thanks!

Leila

Link to comment
Share on other sites

This morning I received 30-35 emails (all sent within 14 minutes) titled: 'Mail failure - no recipient addresses' that seem to be from my server.

The emails are blank shop order forms that start like this:

Dear ,

Thank you for your order no: 999999%'/**/or/**/basket=(SELECT(IF((ASCII(SUBSTRING(password,1,1))=55),benchmark(2000000,sha1('suntzu')),0))/**/FROM/**/CubeCart_admin_users/**/WHERE/**/isSuper=1)/* placed on Dec 31 1969, 19:00 PM

The transaction was successful and we will ship your goods right away (within next shipping day) and confirm once that's done.

I checked my shop's stats and admin logs. Nothing seems unusual there.

I have 3.0.8 and use mail() because smtp would not work after many tries.

Does anyone have any idea whats going on?

Thanks~

Leila

Just Spam bombs.

Link to comment
Share on other sites

Guest Hostpac

We also have clients having this same problem.

Can anyone point me in the right direction to overcome these bounce errors. One client is receiving over 1000 per day using latest version of CC

Cheers

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...