Magento Expert Forum - Improve your Magento experience

Results 1 to 4 of 4

Shoplift Bug (SUPEE-5344)

  1. #1
    Junior Member
    Join Date
    Apr 2015
    Posts
    138
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Default Shoplift Bug (SUPEE-5344)

    Hello everybody ,

    I would to discuss regarding security of Magento Store.

    Few day back Magento sent a critical reminder to all the store owners. The reminder was sent to all the store owners who have not updated their Magento yet for a vulnerability named as “Shoplift (SUPEE-5344)”. The bug was first detected in the month of Feb and Magento sent an update to its users to update their store. Magento did a random check and found 60% of the website were not updated yet which counts to around 140,000 Magento installed online shops globally. It is expected that in next 48 hours most of the website will be effected by this bug.

    Name:  magento-shoplift-bug.jpg
Views: 172
Size:  19.6 KB

    Shoplift is a term given to a bug that allows hackers to take full control of your Magento Store. There was a patch released for it in February called “SUPEE-5344″ but yesterday’s check by Magento confirms that around 60% of Magento installations are still open to this vulnerability.

    The message from Magento takes you to the page on their website that give you information on how to update and apply the patch. Upon some more research we came across this website called Byte which claims to check and confirm if your website is effected by this bug. You can have a check about this here.

    If you need help to update your website quickly for this bug, Reach us now at- http://www.envisionecommerce.com/contact/

    View more threads in the same category:


  2. #2
    Junior Member
    Join Date
    Sep 2016
    Posts
    228
    Thanks
    0
    Thanked 3 Times in 3 Posts

    Default

    The remote code execution (RCE) vulnerability, or “shoplift” bug, was reported to us by Check Point Software Technologies in late January 2015.

    Corporate Gifts Gurgaon

  3. #3
    Junior Member
    Join Date
    Sep 2018
    Location
    Oman, Muscat
    Posts
    2,084
    Thanks
    0
    Thanked 4 Times in 4 Posts

    Default

    SUPEE-5344 – Shoplift Bug Patch. This fix tends to a particular remote code execution (RCE) weakness known as the "shoplift bug" that enables programmers to acquire Admin access to a store. To decide whether your store has been fixed, see the Shoplift Bug Test.

  4. #4
    Junior Member
    Join Date
    Sep 2018
    Location
    United Kingdom
    Posts
    228
    Thanks
    0
    Thanked 2 Times in 2 Posts

    Default

    On the off chance that you don't have the foggiest idea, SUPEE-5344 is an official security fix to the notorious Magento shoplift bug. That bug enables terrible performing artists to acquire administrator access to powerless Magento locales. While the fix was discharged February 2015 numerous locales tragically did not refresh, this allowed programmers a chance to bargain a huge number of Magento controlled online stores.

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •