Simple Oscommerce Google inurl trick

[Jodi Middleton <cs3jm () csc liv ac uk>]

Simply google inurl trick for Oscommerce for open administrator page.
If no .htpassword is set for the admin folder of osCommerce then of 
course you can change any setting in the shop unless password security 
has been enabled on the admin console.

Search google for;
inurl:"/admin/configuration. php?" Mystore

Despite a few demo pages there are a few open admin pages for webshops. 
Simple patch if you are one is to place a .htpassword file in the root 
of the admin folder.

-- J.R.Middleton
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/