Important - Possible SQL Injection Vulnerability in Maian Cart
Feb 04, 2026 4:19 pm
Hello,
You are receiving this email because you are kindly subscribed to the Maian Media newsletter.
r0am1ng has been kind enough to contact us about a possible SQL injection vulnerability in Maian Cart when using the remote option to add product images. Note that this is only possible if someone were to gain access to the admin interface of Maian Cart and execute the code. The severity level is therefore low. As a precaution, we have disabled this option for now and will address it later when the cart system gets a brand new update.
If you are using the latest version of Maian Cart, please download the zip file from the Maian Cart website and update your 'admin' folder with the current version, omitting the 'control/access.php' file. The version remains as 3.8.
https://www.maiancart.com/download
We would like to thank r0am1ng for taking the time to let us know about this issue.
Kind regards,
David - Lead Developer
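
The update step described in the message, as an added shell example that is not part of the original email and is not Maian Media's code: it backs up the installed 'admin' folder, copies in the new release while omitting 'control/access.php', and confirms that file is unchanged afterwards. The function name, its arguments and all directory paths are assumptions; the backup directory is assumed to sit outside the web root.

```shell
# Added example (not from Maian Media). All paths are supplied by the caller.
#   $1 = 'admin' folder from the freshly extracted download
#   $2 = 'admin' folder of the installed cart
#   $3 = directory for the backup (assumed to be outside the web root)
update_admin() {
    new_admin=$1
    live_admin=$2
    backup_root=$3
    keep='control/access.php'   # the file the advisory says to omit

    if [ ! -d "$new_admin" ] || [ ! -d "$live_admin" ] || [ ! -d "$backup_root" ]; then
        echo "update_admin: missing directory" >&2
        return 1
    fi

    # Back up the installed folder first so the update can be rolled back.
    backup="$backup_root/admin.bak.$(date +%Y%m%d%H%M%S)"
    cp -Rp "$live_admin" "$backup" || return 1

    # Copy every file from the new release except the omitted one.
    ( cd "$new_admin" && find . -type f ! -path "./$keep" -print ) |
    while IFS= read -r f; do
        mkdir -p "$live_admin/$(dirname "$f")" &&
        cp -p "$new_admin/$f" "$live_admin/$f" || exit 1
    done || return 1

    # Confirm the omitted file is byte-for-byte what it was before the update.
    if [ -f "$backup/$keep" ]; then
        cmp -s "$backup/$keep" "$live_admin/$keep" || {
            echo "update_admin: $keep was modified" >&2
            return 1
        }
    fi

    # Print the backup location for the caller.
    echo "$backup"
}
```

The function prints the backup path on success, so a rollback is a matter of restoring that copy over the installed folder.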