View Issue Details

IDProjectCategoryView StatusLast Update
0007002OXID eShop (all versions)4.04. Securitypublic2019-08-02 09:32
Reportermarco_steinhaeuser 
PriorityurgentSeveritycriticalReproducibilityalways
Status resolvedResolutionfixed 
Product Version6.1.3 
Target VersionFixed in Version6.0.5 
Summary0007002: Pre-Auth SQL injection possible
DescriptionRemote Code Execution possible due to the possibility of Pre-Auth SQL injection.
Additional InformationCredits: Robin Peraglie (ripstech.com)
TagsNo tags attached.
ThemeNot defined
BrowserNot defined
PHP VersionNot defined
MySQL VersionNot defined

Activities

There are no notes attached to this issue.