PHP SQL injection flaw in xt: Commerce 3.0.4
In the version xt:Commerce 3.0.4 an error has been reported. xt:Commerce is a shop based on PHP
2011-02-21 00:00:00 2011-02-21 00:00:00 admin
Druch a bug in a php function eregi (null byte injection) to conduct SQL injection is possible in which the admin password can be reset. The bug is in the xt: Commerce Version 4.0.13 not be included.
The xt: Commerce developers are already responding to the vulnerability and a SECURITY FIX released.
xt: Commerce is a PHP shop has already been installed more than 100,000.
Say thank you!
You like the article and want to thank the author? Send him an amount of your choice.
Say thanks!
Related topics
xt:Commerce 6.5 for PHP 8.1 and new PayPal Checkout
The open source online store software xt:Commerce now supports PHP 8.1. in version 6.5 and discontinues support for PHP 7.4. ...
Autor :
TheMax
Category:
Software-Updates
PHP Summit – Spring
Vom 21 bis 23. März 2011 präsentiert das PHP Magazin und die Entwickler Akademie den nächsten PHP Summit ...
Autor :
admin
Category:
Software & Web-Development
PHP World Kongress – 24. – 25. November 2009 Konferenzzentrum München
€ 100,- Rabatt für Besucher von www.php-resource.de! ...
Autor :
admin
Category:
Miscellaneous
PHP World Kongress 2009 in München
Pierre Joye, Leiter Core-Team für PHP unter Windows stellt die aktuellste und die kommende PHP-Version vor. ...
Autor :
admin
Category:
Software & Web-Development
PHP Summit 2012 – 18 interaktive Power Workshops mit allen wichtigen PHP-Themen
In weniger als zwei Wochen ist es soweit: Dann startet der nächste PHP Summit in München. ...
Autor :
admin
Category:
Software & Web-Development
Which technologies should a PHP programmer master?
In today's digital world, the role of a PHP programmer is of great importance. ...
Autor :
admin
Category:
Miscellaneous
