[quote name=‘Unregistered’]4) Did some research and found were there are some sql injection vulnerability with cs-cart, has this been fixed yet? [/QUOTE]
…are you serious? what’d you expect as an answer here?
Obviously #4 is not something we believe to be ‘allowed’ in the public forums.
All security bugs that are reported to cs-cart are usually fixed with 24 hours of acknowledgement. Obviously implementation is the responsibility of the store provider. The last known security issue that I recall being via SQL injections was back in 1.3.3 Sp1, we are currently at 1.3.4 Sp3 with 1.3.5 expected within the the next 3-5 months.
[quote]3) Can you install the cart internal on your lan for development purposes and then publish to the internet. I did not see were this was allowed in the license agreement? Or does the install require to “phone home” via the internet to validate license via url? Also, does the cart “phone home” periodically? On another cart forum there was speculation of this but I take that with a grain of salt.[/quote]
CS-cart does ‘phone’ home via the sendmail function which is also a requirement for the store to run effectively (otherwise use SMTP mail)
CS-CART is rather allowing when it comes to installations providing that you do not publish/allow viewing in the public domain.
Overall setting the cart up on your own home Lan should not be a problem as it’s not available to the public
I unfortunately cannot comment on Questions 1/2.
Regards,
Jesse-Lee