Jump to content

  • You cannot start a new topic
  • You cannot reply to this topic

1.3.5 sp4 secure code Rate Topic   - - - - -

 

Posted 08 October 2008 - 02:08 AM #1

Hi
big changelog fot the 1.3.5 sp4 and I can't put the full update because I have lot of files modified and all works perfectly but I see in the changelog
[!] SEO addon: Insecure SQL query could be executed. Fixed.
is possible to modify directly the source code to securise this?
whats files?
WinMerge is my friend :)

[!] Security vulnerability discovered: it was possible to log in under any user using cookie. Fixed.
is the Security Update CS-20080901 Sep 1, 2008, 08:11 ?

Many thanks

 
  • gpro
  • Senior Member
  • Members
  • Join Date: 24-Nov 07
  • 166 posts

Posted 08 October 2008 - 02:32 AM #2

The fix for:
[!] Security vulnerability discovered: it was possible to log in under any user using cookie. Fixed.

can be found in http://helpdesk.cs-cart.com under File Area.

As for the seo addon, I have e-mailed the engineers of Cs-Cart to have a fix for.