Oscommerce is the script that has been most attacked in recent months, for this reason we are going to give a series of recommendations to improve security in companies with this script for their store:
Put a password for protected directory on /admin directory
- Directories with chmod 777, /tmp /admin/images /images etc.., write an email to support to remove php execution permissions in those directories.
If you have detected a security flaw, it is ideal to upload all the files again, change the password of all the site's admins and perform the aforementioned actions.