judy at Web2Market  
#1 Posted : Wednesday, June 21, 2023 7:46:01 AM(UTC)
I noticed this list of emails to send a back in stock notification to while I was troubleshooting a related issue. Is there any email validation on the form for a customer to request a back in stock notification? Here is what I see in the admin for one site.
testing@example.com, testing@example.com' AND 2*3*8=6*8 AND 'eKpW'='eKpW, testing@example.com" AND 2*3*8=6*8 AND "WKay"="WKay, testing@example.com%' AND 2*3*8=6*8 AND 'Y6nQ'!='Y6nQ%, testing@example.com'||', testing@example.com'|||', testing@example.com'||DBMS_PIPE.RECEIVE_MESSAGE(CHR(98)||CHR(98)||CHR(98),15)||', testing@example.com' AND 2*3*8=6*8 AND 'GuGw'='GuGw, testing@example.com" AND 2*3*8=6*8 AND "EZrN"="EZrN, testing@example.com%' AND 2*3*8=6*8 AND 'Guou'!='Guou%, testing@example.com...


Katie S  
#2 Posted : Wednesday, June 21, 2023 2:24:13 PM(UTC)
Hi Judy,

This was another issue we fixed in the last release of 9.0.8. Email validation was improved, along with prevention of SQL injection code.

Issue ID AC9-2081
Thanks for your support!

Katie
Secure eCommerce Software and Hosting
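
The two controls named in the reply (strict email validation and storing values through bound parameters), plus an audit pass for lists that already contain scanner entries, as an added Python example; it is not AbleCommerce code and not part of the thread. The regex, the `restock_notify` table and the function names are assumptions, and the sample entries are constructed as individual submissions like those quoted in the first post.

```python
import re
import sqlite3

# Conservative address syntax (an assumption, not AbleCommerce's actual rule):
# quotes, spaces, '%', '|', '=' and parentheses cannot appear anywhere.
_LABEL = r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?"
EMAIL_RE = re.compile(rf"[A-Za-z0-9._+-]{{1,64}}@{_LABEL}(?:\.{_LABEL})+")

# Constructed sample: individual form submissions like those quoted in the post.
SUBMISSIONS = [
    "testing@example.com",
    "testing@example.com' AND 2*3*8=6*8 AND 'eKpW'='eKpW",
    'testing@example.com" AND 2*3*8=6*8 AND "WKay"="WKay',
    "testing@example.com%' AND 2*3*8=6*8 AND 'Y6nQ'!='Y6nQ%",
    "testing@example.com'||'",
]

def is_valid_email(value: str) -> bool:
    # fullmatch: the whole string must be an address, not just a prefix of it.
    return len(value) <= 254 and EMAIL_RE.fullmatch(value) is not None

def open_store() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE restock_notify (product_id INTEGER, email TEXT)")
    return conn

def subscribe(conn, product_id: int, email: str) -> bool:
    """Validate first, then store with bound parameters (never string-built SQL)."""
    email = email.strip()
    if not is_valid_email(email):
        return False
    conn.execute(
        "INSERT INTO restock_notify (product_id, email) VALUES (?, ?)",
        (product_id, email),
    )
    return True

def audit(conn) -> list:
    """Return rows already stored that fail validation, for cleanup of old lists."""
    rows = conn.execute("SELECT rowid, email FROM restock_notify").fetchall()
    return [(rid, e) for rid, e in rows if not is_valid_email(e)]

if __name__ == "__main__":
    conn = open_store()
    print([subscribe(conn, 42, s) for s in SUBMISSIONS])
    # Simulate a pre-fix row: bound parameters keep it inert, audit() finds it.
    conn.execute("INSERT INTO restock_notify VALUES (?, ?)", (42, SUBMISSIONS[4]))
    print(audit(conn))
```
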