Magento eCommerce PHP Remote Code Execution

Check Point researchers recently discovered a critical RCE (remote code execution) vulnerability in Magento on February 9th, 2015. The patch for the remote code execution vulnerability is available on the Magento site: Magento Downloads, patch SUPEE-5344. More technical information is available on Check Point. This patch changes the following files for Community Edition:

app/code/core/Mage/Admin/Model/Observer.php
app/code/core/Mage/Core/Controller/Request/Http.php
app/code/core/Mage/Oauth/controllers/Adminhtml/Oauth/AuthorizeController.php
app/code/core/Mage/XmlConnect/Model/Observer.php
lib/Varien/Db/Adapter/Pdo/Mysql.php

Before applying Read more about Magento eCommerce PHP Remote Code Execution[…]

Magento Command line installation

In this article, let's see a couple of different ways to install the latest version of Magento. Before starting, click on this link to check if your server has the required modules to install Magento. Once you have all the modules, open your command line, paste the following sample code and hit enter. Before this, do not forget to change siteurl Read more about Magento Command line installation[…]

How to add a Google map to Magento

There are several ways to add Google Maps to a webpage, and this is one which is quick and easy. Step 1: Go to and type your full address into the search box at the top. Ensure the resulting map is the correct location. Step 2: Follow the steps below as marked. Also you can select Read more about How to add a google map to Magento[…]

Customize Magento Bestsellers Admin Report

For most Magento clients, we get requests for changes to the Magento reporting system. By default, Magento gives basic reporting features, so if you need more than that, you need to customize it or get one of the advanced reports modules available in the market. Here I will show a little example which allows you to add custom columns Read more about customize Magento Bestsellers Admin Report[…]

Onepica/avatax Wrong Coupon (by percent) calculation

We integrate a lot of 3rd-party extensions and run into different issues when the extension is free. Now we have integrated “Avatax” with one of our client's Magento stores, and we got an issue where the discount is not calculating as expected. Ex:

Expected: $8.8 We found out the issue with Avatax and got lucky Read more about Onepica/avatax Wrong Coupon (by percent) calculation[…]

Magento Checkout error: Undefined review error on Place order

Recently I came across an issue in the Magento checkout order review process. When clicking on the Place order button, it does not work. I have tried in all browsers but it is still the same. The interesting thing is that this issue is happening only for a few random customers. I have googled around and found a few blogs which say this Read more about Magento Checkout error: Undefined review error on Place order[…]

Run Magento Code Outside Of Magento

Often in the Magento development process, we come across a situation where we need to use Magento functions and classes outside of the Magento platform. This can be easily achieved in the following ways: 1) PHP shell script 2) Magento shell script

PHP shell script

Magento shell script

Now the second way of writing the scripts, if you Read more about Run MagentoCode Outside Of Magento[…]

Configuring Magento to Developer Mode

This article explains how to configure Magento for a development environment. 1) Disable the cache: This is very much needed in a development environment, as the changes you make may not be reflected until you clear the cache. You can do this by going to Admin Panel > System > Cache Management > Select All > Actions: Disable > Submit. Read more about Configuring Magento to Developer Mode[…]