Re: prestashop vuln: sql injection submitted to firstname.lastname@example.org
- From: nebojsa@xxxxxxxxxxxxxx
- Date: 28 Feb 2011 16:43:46 -0000
This bug have been posted on our bugtracker with a fake sql injection, we have answered to him.
We have tested all core version since 1.2, and there is no possible injection, maybe he have used a module which is not developped by PrestaShop and which is vulnerable.
CTO @ PrestaShop
- Prev by Date: [security bulletin] HPSBPI02635 SSRT100391 rev.1 - HP Web Jetadmin Running on Windows, Local Unauthorized Access to Managed Resources
- Next by Date: FreeBSD crontab information leakage
- Previous by thread: prestashop vuln: sql injection submitted to email@example.com
- Next by thread: [BMSA-2011-01] Insecure secure cookie in web.go