Lucene search

K
securityvulnsSecurityvulnsSECURITYVULNS:DOC:25778
HistoryFeb 24, 2011 - 12:00 a.m.

prestashop vuln: sql injection

2011-02-2400:00:00
vulners.com
119
  1. Vulnerable software and vendor
    Prestashop
    verion: 1.3.3 - 0.246s

Vulnerable File Vulnerable Field
category.php id_category
cart.php id_product
product.php id_product

  1. Vulnerability classification
    Sql Injection

  2. Vulnerability details (and reproduction steps, if you want to
    disclosure it).
    just inject ' and you get sql eror

  3. If vendor was notified or not.
    Yes, already fixed in 3.7.0