Discover VirtueMart's Features
-
Flexible Product Management:
VirtueMart enables easy management of products, categories, attributes, and variants, allowing administrators to efficiently organize and showcase their merchandise.
-
Multi-Language Support:
With built-in multi-language support, VirtueMart caters to international markets, allowing users to create and manage multilingual online stores.
-
Multiple Payment Gateways:
VirtueMart supports various payment gateways, including PayPal, Stripe, Authorize.Net, and more, offering flexibility in accepting payments securely.
-
Shipping and Tax Calculation:
The platform provides tools for calculating shipping costs and taxes based on different parameters such as weight, destination, and tax rates, streamlining the checkout process.
-
Inventory Management:
VirtueMart offers inventory management features, including stock tracking, low-stock notifications, and backorder management, helping users keep track of their inventory levels.
-
SEO-Friendly:
The platform is designed with search engine optimization (SEO) in mind, providing features such as customizable URLs, meta tags, and sitemaps to improve online visibility and rankings.
-
Extensions and Add-ons:
VirtueMart offers a wide range of extensions and add-ons, allowing users to extend the functionality of their online store with additional features and integrations.
-
Release of VirtueMart 4.4 and Roadmap, always push beyond
The new version 4.4 has few new features, but reflects the evolving development process. Longterm users know that VirtueMart is developed in a rapid prototyping and KaiZen philosophy style. So if we develop a new feature, our testers sometimes have 10 new test versions a day. On the other hand, we try to evolve the code without hard breaks. For example developers can use the same function to get a category tree, but the technic behind that function drastically changed over the years. No stone...
After the previous security update some people commented that we should provide more information about the security leaks. Usually if the problem is within the core files, we follow security by obscurity, which means we do not exactly explain where to find the exploit. But the latest possible sql injection is in fact a matter of the template. So this time we will explain exactly what happened.
Read more: Important Security Release, VM-Team at joomladay germany (2)
Component Type: VirtueMart Core. The affected files are part of the standard VirtueMart Distribution.
Affected Versions: VirtueMart Version 1.1.6 and all versions below.
Vulnerability Type: SQL Injection.
Severity: HIGH.
Problem Description: It's possible for an attacker with administrator permissions to manipulate or gain information from the database with a specially crafted URL.
Solution: Patch or repleace one file in your VirtueMart installation. (when available: Update to VirtueMart 1.1.7).
General advice:
Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.
Component Type: VirtueMart Core. The affected files are part of the standard VirtueMart Distribution.
Affected Versions: VirtueMart Version 1.1.7 and all versions below.
Vulnerability Type: SQL Injection.
Severity: HIGH.
Problem Description: It's possible to manipulate or gain information from the database with a specially crafted URL without having to login.
Solution: apply a patch or replace one file in your VirtueMart installation. (when available: Update to VirtueMart 1.1.8).
Steps for the Update:
- Download the Update Package VM 1.1.7a.
- Go to your store and login to your Joomla! Backend (/administrator).
- Go to the VirtueMart Admin Panel => "Admin" => "Search for Updates".
- On that page click the tab "Upload a Patch". Now click "Browse" and select the patch file you just downloaded. Proceed with "Upload & Preview".
- On the following page you will find the details for this patch and if any errors occured. If everything's fine, just check the warning checkbox and click "Apply Patch now".
- Done - your VirtueMart Installation is patched now.
General advice:
Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.
Component Type: VirtueMart Core. The affected files are part of the standard VirtueMart Distribution.
Affected Versions: VirtueMart Version 1.1.4 and all versions below.
Vulnerability Type: SQL Injection.
Severity: HIGH.
Problem Description: It's possible for an attacker with administrator permissions to manipulate or gain information from the database with a specially crafted URL.
Solution: Update to VirtueMart 1.1.5.
General advice:
Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.
Affected Versions: VirtueMart Version 1.1.4 and all versions below.
Vulnerability Type: SQL Injection.
Severity: HIGH.
Problem Description: It's possible for an attacker with administrator permissions to manipulate or gain information from the database with a specially crafted URL.
Solution: An patch is available that contains new versions of the affected files: SecurityFix_vm114_012910.zip.
General advice:
Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.
