IMPRESS dotted_line CONTACT dotted_line search dotted_line Contact dotted_line sitemap dotted_line print
116 PHP-Resource users online

Switch to another languags Deutsch aktuelle Sprache Englisch
php-resource

PHP SQL injection flaw in xt: Commerce 3.0.4

Berni | comments 3 Kommentare | Neu | Beitrag gelesen 14246 gelesen |

 


In the version xt:Commerce 3.0.4 an error has been reported. xt:Commerce is a shop based on PHP

Druch a bug in a php function eregi (null byte injection) to conduct SQL injection is possible in which the admin password can be reset. The bug is in the xt: Commerce Version 4.0.13 not be included.


The xt: Commerce developers are already responding to the vulnerability and a SECURITY FIX released.


xt: Commerce is a PHP shop has already been installed more than 100,000.

 


Comments on the article
Comment article
 
2011.02.26 13:28:02 Shopware macht mir einen guten Eindruck. Danke für den Tipp. ...
2011.02.25 09:16:44 Wir haben Shopware für uns entdeckt. ...
2011.02.24 10:02:43 Welche Shopsoftware setzt Ihr so ein? ...

Show all comments...
 
Related posts
PHP SQL injection flaw in xt: Commerce 3.0.4
PHP Summit – Spring
PHP 5.3.4 schließt 100 Bugs sowie offene Angriffspunkte
Smarty 3.0.4 ist fertig
PHP SUMMIT - 18 interaktive Power Workshops mit allen wichtigen PHP-Themen

 
Links to the article
xt:Commerce SECURITY FIX für 3.0.4
About the author
Berni

Berni

State
Premium Member

Occupation
Selbstständig

Member since:
2001.01.22

Last activity
2022.08.11