As most of people can notice, I have been going trough Magento modules lately hunting for possible security flaws. This time I decided to review BL/CustomGrid, why? This module is not maintained for long time
Read more
After browsing again Magevulndb repository I encountered issue and PR open due original reporter have went 404. So I decided to give some help for these guys! Anyways, everybody wins when issues are reported. Discovering
Read more
I have discovered possible SQL injection (CWE-89) on Raveinfosys/DeleteOrders extensions. This is extension to provide possibility delete orders. Like they describe it Currently, Magento® doesn’t allow you to delete an order from the store. You
Read more