osCommerce recommended a few months ago that osCommerce users update to the latest version, osCommerce 2.2 Milestone 2 051112 Update. The update "addresses security related issues and bug reports that exist in the released version". The changes are minimal and are not expected to break compatibility with contributions (third-party plugins). Additional information:
This update release focuses solely on security related issues and bug reports, and does not introduce any new features that have been made for the next development milestone release.
This release is a full release package containing updated source files, documentation, and information on what changes have been made to easily apply to existing installations.
This update release includes the following changes:
* PHP 5 compatibility updates
* MySQL 5 compatibility updates
* Cross Site Scripting fixes
* HTTP/E-Mail header injection fixes
* Database data input updates
* File Manager file saving fixes
* Split Page Result class fixes