Jump to content

CubeCart 4.3.6 Release + Important Security Update


Al Brookbanks

Recommended Posts

After our recent security patch of 2nd November we regret that we have been informed that there was still a vulnerability in the admin authentication system. This has been patched and verified by the security expert who reported this to us. This message is displayed in the admin control panel of every CubeCart v4 store but please do help us spread the word.

Two options are available...

Option 1 - For those who don't wish upgrade to CubeCart 4.3.6

Patching your store is straightforward. Please download the following attached file and upload it over your existing one.

classes/session/cc_admin_session.php

For CubeCart ≥ 4.3.0

cc_admin_session.phpFor CubeCart < 4.3.0

cc_admin_session.php

Option 2 - Upgrade to CubeCart 4.3.6

CubeCart 4.3.6 can be downloaded from your "Dashboard" of your customer area. The archive contains a "Read Me.txt" file with upgrade instructions. Alternatively it is possible to purchase our "Install / Upgrade Service" here and we will take care of any code changes required for those who run third party or customised skins. Any 3rd party PHP code modifications will be lost.

What's new in 4.3.6?

- Important Vulnerability Patch (See Above)

- By popular demand Recapcha is now customisable per skin.

The exact skin changes can be found in the file difference below:

4.3.5___4.3.6_File_Comparison_Report.htm

Skin files changed/added:

- skins/{skin in use}/styleTemplates/content/forgotPass.tpl

- skins/{skin in use}/styleTemplates/content/recaptcha.tpl (New!)

- skins/{skin in use}/styleTemplates/content/tellafriend.tpl

- skins/{skin in use}/styleTemplates/content/viewProd.tpl

Upload the recaptcha.tpl file then find:

{RECAPTCHA}
Replace with:
{FILE "content/recaptcha.tpl"}

We apologise for having to release a new version of CubeCart so soon after the last one but security is our number one priority. If you have any problems, questions or concerns please contact our staff.

Link to comment
Share on other sites

×
×
  • Create New...