What is the vulnerability? | A remote code-execution hole that allows execution of PHP code on the web server |
---|---|
Who does it affect? | Community and enterprise editions of Magento |
Recently, a critcial vulnerability consisting of a chain of vulnerabilities has been discovered within the community and enterprise editions of Magento. A patch was released in February which addressed this issue, but as of this month 98,000 merchants had not installed this patch. The vulnerability allows attackers to create administrator accounts within unpatched Mageneto sites. This gives the attacker access to credit card information and administrative access to the Magento system.
If you are using Magento, make sure to apply the update as soon as possible. Installation instructions can be found here.
For more details on this alert, please see the Ars Technica article.
Email: | support@WebHostingHub.com | Ticket: | Submit a Support Ticket |
---|---|---|---|
Call: | 757-416-6627 | Chat: | Click To Chat Now |
We value your feedback!
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
new! - Enter your name and email address above and we will post your feedback in the comments on this page!