A client of mine runs Magento CE 1.3. Is this vulnerable to the shoplift bug? There's no patch for versions prior to 1.4.
We're in the process of upgrading his site but I need to know if it's vulnerable in the short term.
His Magento install is in a subdirectory of his site so the shoplift.byte.nl page can't determine if the site is vulnerable.