• VirtueMart 3.6.0 is now available!

    DOWNLOAD VM 3.6 NOW VirtueMart 3.6 component (core and AIO) More than 10000 commits later With this version VirtueMart has exceeded the 10 000 code commits mark and approximately 150 commits have been integrated into VirtueMart since we released the last stable version of VirtueMart 3.4.x a while ago. In the meantime we have released some development and release candidate versions. Among the many improvements and small bug fixes, here are some of the more noteworthy changes: For Shop Owners Enhancing...

    Read More ...

Component Type: VirtueMart Core. The affected files are part of the standard VirtueMart Distribution.

Affected Versions:
VirtueMart Version 1.1.4 and all versions below.

Vulnerability Type: SQL Injection.

Severity: HIGH.

Problem Description:
It's possible for an attacker with administrator permissions to manipulate or gain information from the database with a specially crafted URL.

Solution: Update to VirtueMart 1.1.5.

General advice:

Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.

Testimonial

I just wanted to let you know how impressed I am with Virtuemart now. I had toyed around with Virtuemart earlier in 2008 and it is amazing at the difference between there and now. You people are doing great work!
Cookies make it easier for us to provide you with our services. With the usage of our services you permit us to use cookies.