Security vulnerabilities have been found in VirtueMart, Joomla CMS's premier shopping-cart software program, which affect both the current version and also older versions (Note: VirtueMart older versions are severely affected & so complete update or patching is essential.... for the latest version it is less critical but patching is still strongly recommended - BIS Admin).
Information on the VirtueMart website news page states:
The vulnerability in VirtueMart 1.1 can only be exploited by users with store admin/admin permissions. The vulnerability in VirtueMart 1.0 can be exploited by unregistered users, so you are urged to apply the fix as soon as possible to prevent data leakage or manipulation. Please note that VirtueMart 1.0 is not officially supported anymore."
VirtueMart (Security Fix) Patches:
Patches have now been released for both 1.1 & 1.4 versions:
- Security Patch for VirtueMart <= 1.1.4 (7.69 KB) - Note: 30/07/2010 UPDATE: This link is no longer available, perhaps due to the fact that a new version of VirtueMart has been released recently. You can download a copy in our BIS Downloads. Regards, BIS Admin.
- Security Patch for VirtueMart <= 1.0.15 (7.53 KB) - Note: 30/07/2010 UPDATE: This link is no longer available, perhaps due to the fact that a new version of VirtueMart has been released recently. You can download a copy in our BIS Downloads. Regards, BIS Admin.
To apply the fix, just extract the contents of the ZIP archive into your Joomla! root folder
(Newbies Tip: you can do this task easily using the "Extplorer" application which is shipped with Joomla & is located under the "Extensions" tab in Joomla's back-end. Upload the zipped file to your Joomla root folder, then once uploaded right-click on the file & choose "extract" option. Once extracted it will overwrite the vulnerable files).
What Others On This Site Are Reading:
Karen is the co-founder of Business-In-Site.com and is an expert on WordPress with over8+ years experience building WordPress websites for clients. She has written hundreds of articles and is the lead writer and editor for Business-In-site.