Magento Forums
Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Is Magento CE 1.3 vulnerable to Shoplift?

SOLVED
Go to solution
‎04-24-2015 02:44 AM
‎04-24-2015 02:44 AM

Is Magento CE 1.3 vulnerable to Shoplift?

A client of mine runs Magento CE 1.3. Is this vulnerable to the shoplift bug? There's no patch for versions prior to 1.4.

We're in the process of upgrading his site but I need to know if it's vulnerable in the short term.

His Magento install is in a subdirectory of his site so the shoplift.byte.nl page can't determine if the site is vulnerable.

 

 

0 Kudos
1 ACCEPTED SOLUTION

Accepted Solutions
‎04-24-2015 05:18 AM
‎04-24-2015 05:18 AM

Re: Is Magento CE 1.3 vulnerable to Shoplift?

Yes, 1.3 is also susceptible to Shoplift. Test here for Shoplift

 

And here are 1.3 patches: https://www.nublue.co.uk/blog/magento-remote-code-execution-bug-patches-for-pre-1-6-versions/

View solution in original post

1 REPLY 1
‎04-24-2015 05:18 AM
‎04-24-2015 05:18 AM

Re: Is Magento CE 1.3 vulnerable to Shoplift?

Yes, 1.3 is also susceptible to Shoplift. Test here for Shoplift

 

And here are 1.3 patches: https://www.nublue.co.uk/blog/magento-remote-code-execution-bug-patches-for-pre-1-6-versions/