The security researcher states he's discovered an overall total of fourteen risky vulnerabilities in OpenCart. Yet, since the tasks' front developer is evidently reluctant to deal with security problems, he advises that citizens travel from OpenCart as soon as possible.OpenCart has developed to be one of the most admired open source online shopping cart techniques with osCommerce, Zen Cart and Magento. The software can be used through a large number of internet stores, which manage delicate client elevators every day basis.

In the publish released last night upon his weblog, Mr. Vela describes that some time back he attempted to statement a number of serious weaknesses towards the OpenCart project on behalf of a equal researcher that found them. Among these, there is a Local File Inclusion (LFI) error, a matter allowing remote irrelevant code and an essential cross-site request forgery (CSRF) microbe, which could be oppressed to consider total charge of the net software.

According to the researcher, that remains to accountable disclosure methods, this is the reaction he got through Daniel Kerr, the OpenCart guide creator: "I choose if you mind your own business and never trouble me or the opencart community. The abuse that is becoming discussed will be set in the next release. I don't require the services you receive. Stop throwing away time. Cease bothering me personally!" Since then, additional security audits of OpenCart carried out by Mr. Vela and the affiliates have exposed a total of fourteen risky weaknesses, which, giving Daniel Kerr's mindset in the direction to security will most likely never get fixed. Therefore, the only real recommendation left to give to website owners would be to stop using the item completely.