29-03-2019 23:40 via feedproxy.google.com

Hackers publish details on critical Magento flaw

The Magento e-commerce platform could soon face a number of attacks after hackers publicly released code that exploits a critical vulnerability in its systems which could be used to plant payment card skimmers on sites that have not yet been updated.PRODSECBUG-2198 is the name of the SQL injection vulnerability that attackers can exploit without the need for authentication.Any hacker that can obtain user names and crack the password hashes protecting these credentials could theoretically exploit
Read more »