Ariel Bra Posted April 9, 2010 Share Posted April 9, 2010 I have a problem which is as follows. I hired a company to do a security scan on my site, and their report came that I am having problems with SQL Injection in my Prestashop Version 1.3.0.1 , but specifically in cart.php.See algunas examples of tests that came in the reports:url: http://www.meusite.com/cart.php?add=&id_product=97&ipa=0&op=down') OR NULL IS NULL &token=69116700ef7cc80d0343b8c4c8b5202cvariants: 4matched: True condition:http://www.meusite.com/cart.php?add=&id_product=97&ipa=0&op=down') OR NULL IS NULL &token=69116700ef7cc80d0343b8c4c8b5202cFalse condition:http://www.meusite.com/cart.php?add=&id_product=97&ipa=0&op=down') OR 4 IS NULL &token=69116700ef7cc80d0343b8c4c8b5202c Do you know how can I fix this? Link to comment Share on other sites More sharing options...
Rémi Gaillard Posted April 12, 2010 Share Posted April 12, 2010 Hi,There is no SQL injection here.The company which you have asked have give to you bad results, the op variable is never used in SQL requests.Regards, Link to comment Share on other sites More sharing options...
safa Posted April 12, 2010 Share Posted April 12, 2010 The domain meusite.com is for salethis is spam :-S Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now