Magento Commerce Security Vulnerabilities

February 26th, 2009 | Lakshan Perera

We’ve been keeping a close watch on Magento Commerce since its release. It has really filled the void of an open source e-commerce system. However, it seems there are several concerns when it is to be used in production.

Magento Commerce has been criticized in the past for being too bloated. I agree it is. A single, uncached page load takes as much as 20MB of memory, which is a bit much for a web application. Still, many other popular apps are bloated too, and that bloat can generally be solved by server tuning and hardware. Magento’s problems extend to a much more important issue: security vulnerabilities in the administration panel.
