It's around this time of year, with Black Friday looming and Christmas just around the corner, that online sales boom. Today security firm High-Tech Bridge has issued a warning to retailers and shoppers about a critical vulnerability in the popular Zen Cart shopping management system.
High-Tech Bridge has provided Zen Cart with full details of the security flaw which could allow remote attackers to infiltrate web servers and gain access to customer data. Servers running Zen Cart are also at risk of malware, meaning that hundreds of thousands of ecommerce sites pose a potential danger.
Technical details of the vulnerability are not yet being made public, but having notified Zen Cart of the issue High-Tech Bridge says the date of full public disclosure is 16 December. Zen Cart is yet to issue a statement in response to the discovery, but Chief Architect of ImmuniWeb and High-Tech Bridge CEO Ilia Kolochenko said:
Hi-Tech Bridge warns that Zen Cart 1.5.3 and "probably prior" are affected.
Image source: Shutterstock/mtkang