Security Notices - SQL Injection reports
Some old versions of Vik Appointments, Vik Rent Car and Vik Rent Items used to have security issues on a few front-end files. This security flaw could lead to SQL Injection attacks. The flaws have been listed on the Internet but the vulnerability reports may be false, because related to older versions of the extensions. It is important to make sure to be using the latest version of the software to avoid any potentional risk of SQL Injection.
Older versions of Vik Appointments, Vik Rent Car and Vik Rent Items used to have security issues that could lead to SQL Injection. These flaws have been listed on the Internet with vulnerability reports that are actually related to previous versions of the ones they say to have tested.
Due to the fact that these vulnerability reports are now public on a popular software exploit website, it is fundamental to update to the latest version available for your Vik-extension.
Vik Appointments security
If you have purchased Vik Appointments 1.5, or if you have updated to the version 1.5, then your extension is safe (Exploit ref. 41602).
Vik Rent Car security
If you have purchased Vik Rent Car 1.11, or if you have updated to the version 1.11, then your extension is safe (Exploit ref. 41604).
Vik Rent Items security
If you have purchased Vik Rent Items 1.4, or if you have updated to the version 1.4, then your extension is safe (Exploit ref. 41603).
Please contact us should you have any questions in regards to these exploits and vulnerability reports. In any case, the solution to the problems will always be to update to the latest version of your Vik-extension. If you are using the latest version available, then you can stay sure the extension is safe.