Hacking eCommerce sites based on OXID eShop by chaining 2 flaws
Security Affairs
JULY 30, 2019
Since the underlying database driver is per default set to PDO, an attacker can make use of stacked queries to insert a brand new admin user with a password of his choice. Below the timeline for the flaws: Date Event 11/Dec/2017 Reported a SQL Injection in OXID 4.10.6
Let's personalize your content