In Nublue Blog SUPEE-5994 patches for Magento 1.4 and 1.3 Posted by Tom Magento have released the SUPEE-5994 patch which address multiple vulnerabilities as detailed here here . Patches are available directly from Magento https://www.magentocommerce.com/products/downloads/magento/ for Magento versions 184.108.40.206 upwards. As per our previous article https://www.nublue.co.uk/blog/magento-remote-code-execution-bug-patches-for-pre-1-6-versions/ we have decided to create patches for Magento 1.3 and Magento 1.4.0. Important information Our advice is always that you maintain the latest stable versions of all your web applications, including Magento, to reduce your security exposure to a minimum. However, we do realise that many Magento users run older versions for a number of reasons – this is the why we decided to release patches for Magento 1.3, 1.4, to assist you in protecting your legacy version of Magento. Our Magento patch downloads If you run Magento 1.3 – Magento 1.3 SUPEE-5994 Remote Code Execution Patch If you run Magento 1.4 – Magento 1.4 SUPEE-5994 Remote Code Execution Patch To apply navigate to your webspace root using ssh (in the case of Plesk it this would be /var/www/vhosts/yourmagento.com/httpdocs/) Then run: Shell patch -p1 -i name.patch 1 patch -p1 -i name.patch We’ve tested these patches on installs of Magento 1.3 & 1.4, but as always we must mention that downloading and using these patches is done so at your own risk – Please backup your website as a precursor to applying them. Although these patches are free to use by anyone with a Magento 1.3 or 1.4 website, we can’t accept responsibility for any potential issues that could be caused by their incorrect use. Please check the patch files and your Magento version prior to applying the linked patches. Please feel free to share this blog with anyone you think might benefit from these patches. If you have any questions, just leave a comment below and we’ll get back to you.