On 04/09/2020 at 18:09 we had a new vendor created with:
user name: SYqvyUhMZJWbiEmail: firstname.lastname@example.orgThis email is reported as spam:The question how he could register as a new vendor? This is very strange and scary.Our admin file have a long string name so it's almost impossible to guess. I think this could be an SQL injection on the home page.ThanksNicolas
Or, you possibly just had a phishing mail, best is to contact CS-Cart regarding this so that they can investigate this specific issue.
Actually my bad, It was an option to allow users to apply for vendor account.
This should be disable by default.