osCommerce Community Support Forums: All posts by defa

Jump to content

Corporate Sponsor


All posts by defa

There have been 5 posts by defa


Page 1 of 1
  1. All User Content
  2. Forums
  3. Calendar
  Topic Forum Started By Stats Last Post Info
New Replies Icon Disclosed Vulerability (SQL Inject) in Additional Images
View Post
Well - I finally fixed it on my own - find the fixed contributions on the contributions site. http://www.oscommerce.com/community/contributions,1032 bye defa

Posted on Oct 12 2005 07:18 AM by defa

 Add-Ons Development defa Icon
  • 13 Replies
  • 3,040 Views
New Replies Icon Disclosed Vulerability (SQL Inject) in Additional Images
View Post
Thank you for your information. I did allready contact the authors but...

Posted on Oct 12 2005 07:03 AM by defa

 Add-Ons Development defa Icon
  • 13 Replies
  • 3,040 Views
New Replies Icon Disclosed Vulerability (SQL Inject) in Additional Images
View Post
Here is a proof of concept - test this URI on an Shop-System with the module installed: http://www.vulnerable_shop.foo/path_to_shop/product_info.php?cPath=1&products_id=29'%20UNION%20ALL%20SELECT%20%20*%20FROM%20countries%20WHERE%20countries_id%3E'0 bye defa

Posted on Oct 12 2005 05:34 AM by defa

 Add-Ons Development defa Icon
  • 13 Replies
  • 3,040 Views
New Replies Icon Disclosed Vulerability (SQL Inject) in Additional Images
View Post
I don't want to annoy anybody - but two days ago...

Posted on Oct 08 2005 06:54 PM by defa

 Add-Ons Development defa Icon
  • 13 Replies
  • 3,040 Views
New Replies Icon SECURITY: SQL Injection in "Additional Images"
View Post
Hello! Doing forensics in an hacked shop system we found the following...

Posted on Oct 06 2005 06:41 PM by defa

 General Add-Ons Support defa Icon
  • 4 Replies
  • 954 Views

Page 1 of 1