prestashop vuln: sql injection submitted to [email protected]

Fri, 25 Feb 2011 10:32:05 -0800 

Hello,
I am Antonio San Martino, i write you to incloude this sql injection 
vulnerabilities in your database. The vulnerable version is prestashop 1.3.3 
and 
is vulnerable to sql injection

 Vulnerable software and vendor: Prestashop,  verion: 1.3.3 - 0.246s 


Sql Injection Vulnerabilities

 Vulnerable File  Vulnerable Field 
 category.php     id_category
 cart.php            id_product
 product.php       id_product



 Vulnerability  details:  just inject ' and you get sql eror 

Thanks so much.
Kind Regards

Reply via email to