Прежде чем всё вокруг воспринимать как неправильное и не так как вы бы хотели надо по-больше постараться:
Пример на скриншотике это как раз классическая ситуация когда разработчик кричит о багах а в ответ получает ответ что это не баг а фича. Очень распространенная ситуация не правда ли? :)
A vulnerability has recently been discovered in PHP and we recommend Magento Commerce customers adopt changes to address the issue. MS-ISAC has issued an alert related to multiple vulnerabilities that could allow for arbitrary code execution and a recommendation that all sites using PHP should update to the latest PHP version ASAP ( full alert is available here). Since Magento Commerce relies on PHP, we recommend that all Merchants using Magento Commerce review necessary updates for PHP with their hosting provider. We also recommend that Merchants complete this review and any updates by September 30 in order to mitigate the vulnerability and to avoid PCI compliance issues that may go into effect as a result of these vulnerabilities at the end of the month. For those using Magento Commerce on our cloud infastructure, please find specific information on these changes here. Per the alert, recommended patches for this vulnerability include: PHP 7.1: https://www.php.net/ChangeLog-7.php#7.1.32 PHP 7.2: https://www.php.net/ChangeLog-7.php#7.2.22 PHP 7.3: https://www.php.net/ChangeLog-7.php#7.3.9 If you would like more information on PHP and recent releases, you can visit PHP’s site. And if you have questions or would like more information on best practices for security, please check out our DevBlog article on Security.
Multiple severe vulnerabilities have been discovered in all supported PHP branches. Most of them can allow for forced code execution, which makes the risks HIGH for small, medium, and large eCommerce businesses. The patched up versions for each supported branch were released urgently, and it’s necessary that you make sure your server is upgraded to the latest version in a branch. SYSTEMS AFFECTED: PHP 7.1 versions prior to 7.1.32 (compatible X-Cart 4.7.10+; 22.214.171.124+) PHP 7.2 versions prior to 7.2.22 (compatible X-Cart 4.7.10+; 126.96.36.199+) PHP 7.3 versions prior to 7.3.9 (compatible X-Cart 5.4.0+) RECOMMENDATIONS: Contact your hosting provider and upgrade to the latest version of PHP immediately, after appropriate testing. Verify no unauthorized system modifications have occurred on system before applying the patch. Apply the principle of Least Privilege to all systems and services. For any assistance, please contact us, we’ll help you sort this out.