Niko Granö

Talk about programming and PHP and Sysadmin

  • Contact
  • Home
  • Privacy Policy

Magento 1

Magento 1 PHP Programming 

Magento 1: BL/CustomGrid Security Flaw

July 24, 2019July 31, 20194 years ago Niko 7730 Views 2 Comments magento1, object-injection, security, xss-injection min read

As most of people can notice, I have been going trough Magento modules lately hunting for possible security flaws. This time I decided to review BL/CustomGrid, why? This module is not maintained for long time

Read more
Verified Reviews Security Flaw
Magento 1 PHP Programming 

Magento 1: Netreviews/Avisverifies Security Flaw

July 21, 2019July 24, 20194 years ago Niko 5348 Views 0 Comments CWE-79, CWE-915, magento1, object-injection, security min read

After browsing again Magevulndb repository I encountered issue and PR open due original reporter have went 404. So I decided to give some help for these guys! Anyways, everybody wins when issues are reported. Discovering

Read more
Delete Orders Exploit
Magento 1 PHP Programming 

Magento 1: Raveinfosys/DeleteOrders Security flaw

July 15, 2019July 26, 20194 years ago Niko 5158 Views 0 Comments magento1, PHP, security, sql-injection min read

I have discovered possible SQL injection (CWE-89) on Raveinfosys/DeleteOrders extensions. This is extension to provide possibility delete orders. Like they describe it Currently, Magento® doesn’t allow you to delete an order from the store. You

Read more

PHP 7.4

PHP 7.4 is coming!
PHP Programming 

PHP 7.4 is coming!

March 10, 20194 years ago Niko 1 min read

So, finally. They made it. One of my favorite PHP releases ever. Expecting new PHP 7.4 to be released late 2019. Let’s go trough all features we are going to get in PHP 7.4. I

Categories

  • Magento 1
  • Magento 2
  • PHP
  • Programming

Subscribe for latest blogs

Loading
Buy me a coffeeBuy me a coffee
Copyright © 2023 Niko Granö.
Hosted by Iron Lions.