Sansec logo

Vulnerable modules


by Team Sansec

Published in Guides

eComscan will find and report known insecure modules. A team of security researchers maintains a database of vulnerable version numbers.

You may have disabled or renamed a vulnerable module, but still get an alert. This is intended, because sometimes insecure modules still pose a threat, even when they are marked as "disabled".

You may have manually patched a vulnerability, for example when no official fix or update is available. To stop eComscan from reporting this module, you should add -patch to the version number (for Magento 1, this is under Vendor/Module/etc/config.xml).

Need expert advice? We are here to help!

Stay up to date with the latest eCommerce attacks

Sansec logo

experts in eCommerce security

Terms & Conditions
Privacy & Cookie Policy
Company Reg 77165187
Tax NL860920306B01