• You MUST read the Babiato Rules before making your first post otherwise you may get permanent warning points or a permanent Ban.

    Our resources on Babiato Forum are CLEAN and SAFE. So you can use them for development and testing purposes. If your are on Windows and have an antivirus that alerts you about a possible infection: Know it's a false positive because all scripts are double checked by our experts. We advise you to add Babiato to trusted sites/sources or disable your antivirus momentarily while downloading a resource. "Enjoy your presence on Babiato"

Active eCommerce CMS By ActiveITzone 23471405

Active eCommerce CMS By ActiveITzone V8.7

No permission to download
Overview Updates (77) Reviews (8) History Discussion
@NullMaster
kasun955 said:
guys any idea how to get .svg extension activate on the file uploader on Ver.4.0 /

when uploading the below error comes ,

also on my server the mysql was automatically deleted .. may they have a back door if someone can help with that would save us all , because i was doing modifications, but suddenly database was gone and http 500 error comes , :cry::cry::cry::cry::cry::cry:,

thanks in advance ,
Click to expand...
@nulled123, @phpcore @TassieNZ
Please could you help solve the automatic erasure of the mysql in v4.0.
Thanks in advance
 
Last edited:
  • Like
Reactions: wonraywildsparks
I believe the backdoor that drops the entire database is in the /vendor/laracon21/timezones/src/routes/web.php

All of laracon21 packages are backdoors. Nothing usefull there.

Found backdoors in mehedi-iitdu/core-component-repository too.

This ZIP file contains all modifications I made in those files. It may work, I'm not sure yet. But if you want to try, just unzip the file inside vendor directory.

I recommend you to change the database password as well.

EDIT: Forgot one file: /app/Http/Controllers/DemoController.php, comment the lines 42 and 43.
 

Attachments

  • ActiveEcommerce_BackdoorSolution.zip
    102.9 KB · Views: 52
  • Love
Reactions: Chijioke
wonraywildsparks said:
I believe the backdoor that drops the entire database is in the /vendor/laracon21/timezones/src/routes/web.php

All of laracon21 packages are backdoors. Nothing usefull there.

Found backdoors in mehedi-iitdu/core-component-repository too.

This ZIP file contains all modifications I made in those files. It may work, I'm not sure yet. But if you want to try, just unzip the file inside vendor directory.

I recommend you to change the database password as well.

EDIT: Forgot one file: /app/Http/Controllers/DemoController.php, comment the lines 42 and 43.
Click to expand...

Thanks so much. Would try!
 
  • Love
Reactions: kasun955
wonraywildsparks said:
I believe the backdoor that drops the entire database is in the /vendor/laracon21/timezones/src/routes/web.php

All of laracon21 packages are backdoors. Nothing usefull there.

Found backdoors in mehedi-iitdu/core-component-repository too.

This ZIP file contains all modifications I made in those files. It may work, I'm not sure yet. But if you want to try, just unzip the file inside vendor directory.

I recommend you to change the database password as well.

EDIT: Forgot one file: /app/Http/Controllers/DemoController.php, comment the lines 42 and 43.
Click to expand...
can I report this to Envato? I have purchased this item
 
  • Like
Reactions: kasun955, Chijioke and wonraywildsparks
raqib said:
can I report this to Envato? I have purchased this item
Click to expand...

It's complicated. In theory yes. Envato prohibits any type of backdoor in its products. But if backdoors are not active when using the software legitimately, it is difficult to explain how you found the backdoor.

But the code that deletes the entire database is very explicit, I think it can be reported.
 
  • Like
Reactions: Chijioke
Chijioke said:
Yes, seems like it.
User has no privacy for his business - not a good decision
Click to expand...

The backdoor that drops the database has been inserted into the routes. This opens a security vulnerability. If a malicious agent accesses that particular route in a store's system using Active eCommerce, even if the software was legitimate, it would trigger the behavior of the backdoor, erasing all data from the database.
 
  • Wow
Reactions: Chijioke and řåķïbweb
You must log in or register to reply here.

Similar threads

isaacongoma
Active Ecommerce CMS Custom Kapital Bank Payment Gateway Addon
Replies
2
Views
211
PHP Scripts
isaacongoma
isaacongoma
kia1349
Backup And Restore Addon For Active Ecommerce CMS
Replies
12
Views
970
PHP Scripts
kia1349
kia1349
Mr.Wold
Active Ecommerce CMS v6.1.4 - 500 Error On Payment page
Replies
8
Views
2K
PHP Scripts
epertabhay
epertabhay
Benjamin1997
Active eCommerce CMS (v 1.7 - v1.9)
Replies
33
Views
6K
PHP Scripts
Benjamin1997
Benjamin1997
Vechet
[REQ] Active Ecommerce CMS Nulled
Replies
6
Views
2K
PHP Scripts
AhmedHamza__
AhmedHamza__

Latest posts

Forum statistics

Threads
79,655
Messages
1,147,396
Members
251,366
Latest member
qSenox

Share this page

Share this page
Top Bottom
Back
AdBlock Detected

We get it, advertisements are annoying!

However in order to keep our huge array of resources free of charge we need to generate income from ads so to use the site you will need to turn off your adblocker.

If you'd like to have an ad free experience you can become a Babiato Lover by donating as little as $5 per month. Click on the Donate menu tab for more info.

I've Disabled AdBlock