Dear friends,
This post is OUTDATED, please view the recent one.
A critical issue was found in a third-party program library PHPMailer. The vulnerability allows hackers to create files with any types of content on a server (to learn more: http://thehackernews.com/2016/12/phpmailer-security.html).
This PHPMailer library is used in CS-Cart to send emails. However, internal security systems of CS-Cart prevent file exploitation as malware PHP-scripts. Thanks to the security it is harder to make use of this vulnerability.
All versions of CS-Cart, starting with 1.2.x, are affected.
If you use CS-Cart/Multi-Vendor version 4.4.2, the upgrade to 4.4.2.SP1 will be available within next 16 hours. This update will fix the vulnerability.
To those who use earlier versions of CS-Cart we strongly recommend to fix the vulnerability manually by following these simple instructions:
For CS-Cart 1.x:
- Open the file classes/phpmailer/class.phpmailer.php
- In this file find the line:
$params = sprintf("-oi -f %s", $this->Sender);
- Replace it with the following line:
$params = sprintf("-oi -f %s", escapeshellarg($this->Sender));
For CS-Cart 2.x, 3.x:
- Open the file lib/phpmailer/class.phpmailer.php
- In this file find the line:
$params = sprintf("-oi -f %s", $this->Sender);
- Replace it with the following line:
$params = sprintf("-oi -f %s", escapeshellarg($this->Sender));
For CS-Cart 4.0.x, 4.1.x, 4.2.x:
- Open the file app/lib/other/phpmailer/class.phpmailer.php
- In this file find the line:
$params = sprintf("-oi -f %s", $this->Sender);
- Replace it with the following line:
$params = sprintf("-oi -f %s", escapeshellarg($this->Sender));
For CS-Cart 4.3.x and 4.4.x:
- Open the file app/lib/vendor/phpmailer/phpmailer/class.phpmailer.php
- In this file find the line:
$params = sprintf('-f%s', $this->Sender);
- Replace it with the following line:
$params = sprintf('-f%s', escapeshellarg($this->Sender));