| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 25 Feb 2011 06:44:07 +0000 (GMT)
From: "Antonio S.M" <antonio_s_martino@...oo.es>
To: bugtraq@...urityfocus.com
Cc: antonio_s_martino@...oo.es
Subject: prestashop vuln: sql injection submitted to bugtraq@...urityfocus.com
Hello,
I am Antonio San Martino, i write you to incloude this sql injection
vulnerabilities in your database. The vulnerable version is prestashop 1.3.3 and
is vulnerable to sql injection
Vulnerable software and vendor: Prestashop, verion: 1.3.3 - 0.246s
Sql Injection Vulnerabilities
Vulnerable File Vulnerable Field
category.php id_category
cart.php id_product
product.php id_product
Vulnerability details: just inject ' and you get sql eror
Thanks so much.
Kind Regards
Powered by blists - more mailing lists