The PayPal Commerce plugin is currently the only officially supported plugin for CubeCart but unfortunately this PayPal plugin is written to overwrite the customer address and phone number details in CubeCart with the details held in the PayPal account. This is apparently mandated by PayPal and seems to be a problem for other E-Commerce systems as well. We believe that this is wrong as a […]
PHP 7.2 Patches are available for Magento 1 Magento has released a patch that provides support for PHP 7.2.x for Magento Commerce 1.14.2.x and 1.14.3.x, as well as Magento Open Source 1.9.2.x and 1.9.3.x Going forward, support for PHP 7.2 will be included as part of the Magento Commerce 1.14.4.0 and Magento Open Source 1.9.4.0 releases, which are currently scheduled for late 2018. Important note: […]
Patch SUPEE-10888 for Magento 1.X released on 17th Sept 2018 This patch only applies to versions of Magento 1.x (including EE), but there is a similar set of security fixes for Magento 2 which can be applied as an upgrade in Magento 2.X This latest security patch release contains over 10 security fixes including five “Medium” severity issues and six “Low” severity issues. As always […]
XML Sitemap software version 7.2 upgrade available. A new version (V7.2) of the XML Sitemap generation software that many of our customers use, is available and while this update doesn’t add a lot of new features, it builds on the recent V7.0 and V7.1 releases. Those customers that have a current valid yearly maintenance and upgrade service, will get their version upgraded by us over […]
CubeCart version 6.1.5 released What has changed in CubeCart V6.1.5 This release contains two minor security issues, several new hooks, two new functional improvements and 40 plus bug fixes. The two low risk security fixes are detailed in issues 1491 and 1492 and while these are not too serious, it is always recommended to upgrade for any security issue. However, if you are still running […]
Multiple High Risk Vulnerabilities in all Magento 1 Websites A large number (seventeen in total !) of security vulnerabilities have recently been announced by Magento, many of which are rated as critical and high and should therefore be patched as soon as possible using patch SUPEE-8788. Using the following release versions, Community Edition 1.9.3 or Enterprise Edition 1.14.3, are alternate ways to fix these issues. […]
CubeCart V5 End of Life Announcement The CubeCart team have today announced that version 5 of this very popular E-Commerce open source software product will reach end of life on 24th November 2016 and no further release updates, including security releases, will be made available after this date. A large number of V5 users have already upgraded to V6 as the upgrade path is straight […]
Three Joomla security issues have recently been disclosed The three vulnerabilities which affect versions 1.0.6 through 3.6.0 are as follows : • [20160802] – Core – XSS Vulnerability • [20160801] – Core – ACL Violation • [20160803] – Core – CSRF Specific details of each of the vulnerabilities : [20160802] – Core – XSS Vulnerability Project: Joomla! SubProject: CMS Severity: Low Versions: 1.6.0 through 3.6.0 […]
WordPress 4.4.2 Security and Maintenance Release. WordPress 4.4.2 is now available. This is a security release for all previous versions and we strongly encourage you to update your sites immediately. WordPress versions 4.4.1 and earlier are affected by two security issues: a possible SSRF for certain local URIs and an open redirection attack. In addition to the security issues above, WordPress 4.4.2 fixes 17 bugs […]
Dangerous Stored XSS Vulnerability in Magento During an audit of their WAF, Sucuri discovered a dangerous, but also easy to exploit, Stored XSS Vulnerability in all versions of Magento. The issue could allow attackers to take over your site, create new administrator accounts, steal client information – in fact anything a legitimate administrator account is allowed to do ! Sucuri responsibly disclosed this to the […]