- Rule not working ? Check it is enabled in the rules manager !
- If you like AltaUserPoints , Thank you for rating it at the JED:
extensions.joomla.org/extensions/extensi...stems/altauserpoints

SQL Vulnerability in coupon input field

nikonoroff
Topic Author
Offline
New Member

1 year 4 months ago #45985 by nikonoroff

SQL Vulnerability in coupon input field was created by nikonoroff

Hello,
I found an annoying security hole. Has a redeemed coupon and an expired one, such as BLACKFRIDAY.
When you add a simple operator to the coupon code in combination with quotes, you can reactivate this coupon an unlimited number of times (each time adding a space so that the combination does not repeat). I do not want to post an injection example, if interested, I will send it to the administrator at the mail indicated by him.
Sincerely.

Please Log in or Create an account to join the conversation.

counterpoint
Offline
New Member

11 months 3 weeks ago #46010 by counterpoint

Replied by counterpoint on topic SQL Vulnerability in coupon input field

Please could you send details to martin at remository dot com as I'm working on an updated version of user points.

Please Log in or Create an account to join the conversation.

nikonoroff
Topic Author
Offline
New Member

11 months 3 weeks ago #46011 by nikonoroff

Replied by nikonoroff on topic SQL Vulnerability in coupon input field

Sent mail

Please Log in or Create an account to join the conversation.

Time to create page: 0.334 seconds

Featured Apps

Shop Account

Misc.

Disclaimer: Nordmograph is not affiliated with or endorsed by The Joomla! Project™. Any products and services provided through this site are not supported or warrantied by The Joomla! Project or Open Source Matters, Inc. Use of the Joomla!® name, symbol, logo and related trademarks is permitted under a limited license granted by Open Source Matters, Inc.

SQL Vulnerability in coupon input field

Featured Apps

Shop Account

Misc.

Follow Us