Magento Enterprise Edition and Community Edition 2.0.10 and 2.1.2 contain multiple security enhancements to address a Zend Framework vulnerability, prevent unauthorized users from backing up Magento files, and ensure sessions are invalidated after a user logs out....
MAGMI (Magento Mass Importer), the popular Magento Data Import Tool, is often used without any protection in its default location (/magmi/web/magmi.php). An insecure implementation of Magmi can give full access to a Magento installation, especially taking into account...
Although Magento is one of the leading eCommerce platforms that businesses use to build and manage webstores, security is one aspect that is neglected by a lot of Magento store owners and developers. eCommerce sites are very attractive targets because of the...