Update! Update! Update!

Yesterday Magento released a SQL vulnerability alert. 

It has been noted that the following third-party extensions/plug-ins are vulnerable:

  • EM (Extreme Magento) Ajaxcart 
  • EM (Extreme Magento) Quickshop 
  • MD Quickview 
  • SmartWave QuickView 

It is recommended that all third-party extensions/plug-ins implemented are reviewed and updated. It is also recommended that all Magento administration user accounts are reviewed to ensure that there are no unauthorised user accounts. 

Additional protection against SQL attacks and other malicious activity can be gained by implementing  a Web Application Firewall.