codbex / codbex-electra

e-Commerce Backoffice Management Application
https://codbex.com
Eclipse Public License 2.0

Research whether Electra is vulnerable to SQL injection on inbound synchronization #42

Closed iliyan-velichkov closed 6 months ago

iliyan-velichkov commented 7 months ago

Check whether Electra is vulnerable to SQL injection. For example, try to insert some malicious data into the OpenCart DB directly or via the UI and check whether it will affect the Electra DB during the synchronization execution.

iliyan-velichkov commented 7 months ago

Will be mitigated with the fix for https://github.com/codbex/codbex-electra/issues/41

iliyan-velichkov commented 6 months ago

Fixed with: https://github.com/codbex/codbex-electra/pull/94

ThuF commented 6 months ago

@iliyan-velichkov should we close this issue?