IMPRESS dotted_line CONTACT dotted_line search dotted_line Contact dotted_line sitemap dotted_line print
116 PHP-Resource users online

Switch to another languags Deutsch aktuelle Sprache Englisch

PHP SQL injection flaw in xt: Commerce 3.0.4

Berni | comments 3 Kommentare | Neu | Beitrag gelesen 14246 gelesen |


In the version xt:Commerce 3.0.4 an error has been reported. xt:Commerce is a shop based on PHP

Druch a bug in a php function eregi (null byte injection) to conduct SQL injection is possible in which the admin password can be reset. The bug is in the xt: Commerce Version 4.0.13 not be included.

The xt: Commerce developers are already responding to the vulnerability and a SECURITY FIX released.

xt: Commerce is a PHP shop has already been installed more than 100,000.


Comments on the article
Comment article
2011.02.26 13:28:02 Shopware macht mir einen guten Eindruck. Danke für den Tipp. ...
2011.02.25 09:16:44 Wir haben Shopware für uns entdeckt. ...
2011.02.24 10:02:43 Welche Shopsoftware setzt Ihr so ein? ...

Show all comments...
Related posts
PHP SQL injection flaw in xt: Commerce 3.0.4
PHP Summit – Spring
PHP 5.3.4 schließt 100 Bugs sowie offene Angriffspunkte
Smarty 3.0.4 ist fertig
PHP SUMMIT - 18 interaktive Power Workshops mit allen wichtigen PHP-Themen

Links to the article
xt:Commerce SECURITY FIX für 3.0.4
About the author


Premium Member


Member since:

Last activity