VP-ASP :: Shopping Cart Software

Shopping Cart Software Solutions for anywhere in the World

US/Canada(Toll Free): +1 888 587 2278
Europe/UK: +44 (020) 7193 9408
Australia/New Zealand: +61 3 9016 4497

VP-ASP Shopping Cart Customer Forum

Home | Profile | Register | Active Topics | Members | Search | FAQ
Username:
Password:
Save Password
Forgot your Password?

 All Forums
 VPCart Forum
 Problems and bugs
 Saved Cart''s and Wishlist
 New Topic  Reply to Topic
 Printer Friendly
Author Previous Topic Topic Next Topic  

fecal_storm
Starting Member

14 Posts

Posted - April 02 2005 :  21:16:42  Show Profile  Reply with Quote
Not sure if this happens with saved carts, but I recently saved a cart with a small quote in the name "Zach's Cart" and it causes a SQL fail error if you attempt to restore or delete because the quote is not escaped. I was able to escape the quote in the actual URL string and get the cart deleted, but it would not be so easy for a non developer to figure out what was wrong.

greatphoto
VP-ASP Super User

USA
304 Posts

Posted - April 03 2005 :  00:23:05  Show Profile  Reply with Quote
Could this be used as a SQL injection vulnerability?

Go to Top of Page
  Previous Topic Topic Next Topic  
 New Topic  Reply to Topic
 Printer Friendly
Jump To:
Snitz Forums 2000