Here are some very helpful osCommerce Contributions for securing your shopping cart.
Security Pro - http://addons.oscommerce.com/info/5752
You can prevent any injection attacks.
SiteMonitor - http://addons.oscommerce.com/info/4441
You can monitor sites for unauthorised changes.
IP Trap - http://addons.oscommerce.com/info/5914
You can block elicit access attempts.
HTACCESS Security - http://addons.oscommerce.com/info/6066
You can add htaccess protection.
Anti XSS - http://addons.oscommerce.com/info/6044
You can stop Cross Site Scripting attacks.
File Permission Check - http://addons.oscommerce.com/info/6134
Also make sure that all files, except for the two configure.php files have permissions no higher than 644. The permissions for the two configure.php files will vary according to the server your site is on - it could be 644, 444 or 400 which is correct.
You can run this command via SSH:
find . -type f -exec chmod 644 {} \;
Permissions on folders should be no higher than 755.
You can run this command via SSH:
find . -type d -exec chmod 755 {} \;