What is the vulnerability? A remote code-execution hole that allows execution of PHP code on the web server
Who does it affect?Community and enterprise editions of Magento

Description of the Magento Exploit

Recently, a critcial vulnerability consisting of a chain of vulnerabilities has been discovered within the community and enterprise editions of Magento. A patch was released in February which addressed this issue, but as of this month 98,000 merchants had not installed this patch. The vulnerability allows attackers to create administrator accounts within unpatched Mageneto sites. This gives the attacker access to credit card information and administrative access to the Magento system.

Location of Patch and Instructions

If you are using Magento, make sure to apply the update as soon as possible. Installation instructions can be found here.

For more details on this alert, please see the Ars Technica article.

Did you find this article helpful?

We value your feedback!

Why was this article not helpful? (Check all that apply)
The article is too difficult or too technical to follow.
There is a step or detail missing from the instructions.
The information is incorrect or out-of-date.
It does not resolve the question/problem I have.
How did you find this article?
Please tell us how we can improve this article:
Email Address
Name

new! - Enter your name and email address above and we will post your feedback in the comments on this page!

Did you find this article helpful?

Post a Comment

Name:
Email Address:
Phone Number:
Comment:
Submit

Please note: Your name and comment will be displayed, but we will not show your email address.

Related Questions

Here are a few questions related to this article that our customers have asked:
Ooops! It looks like there are no questions about this page.
Would you like to ask a question about this page? If so, click the button below!

Help Center Search

Current Customers

Email: support@WebHostingHub.com Ticket: Submit a Support Ticket
Call: 877-595-4HUB (4482)
757-416-6627 (Intl.)
Chat: Click To Chat Now

Ask the Community

Get help with your questions from our community of like-minded hosting users and Web Hosting Hub Staff.

Not a Customer?

Get web hosting from a company that is here to help.