[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

prestashop vuln: sql injection submitted to bugtraq@xxxxxxxxxxxxxxxxx



Hello,
I am Antonio San Martino, i write you to incloude this sql injection 
vulnerabilities in your database. The vulnerable version is prestashop 1.3.3 and 
is vulnerable to sql injection

 Vulnerable software and vendor: Prestashop,  verion: 1.3.3 - 0.246s 


Sql Injection Vulnerabilities

 Vulnerable File  Vulnerable Field 
 category.php     id_category
 cart.php            id_product
 product.php       id_product



 Vulnerability  details:  just inject ' and you get sql eror 

Thanks so much.
Kind Regards