Jump to content

[Solved]Incorrect order with product prices


Recommended Posts

Hi

PrestaShop 1.7.7.8 upgraded slowly over time from 1.7.2

PHP 7.3

Paypal Module 

Australia Post Module

Email Verification Module 

 

The site received an order with one of the products at an odd total.

The product is $98.89 for one kilogram and it sold for $44.50 on the order invoice total.

I have checked the site and placed a test order and it proves working correctly the product is displayed as $98.89

https://rangeviewseeds.com/broccoli/958-677-microgreens-and-baby-leaf-broccoli-green-sprouting.html#/30-packet_size-1kg

 

The order was for several products and their totals all came out right in the invoice

 

I thought of a feature request however it may go against some rules and this is the include the users internet information such as browser and device with each order for internal use.

 

The order came from the Android 11 with Chrome from the http log

 

I will update the custom template or use the default ,it must be the cause 

 

 

Edited by Jesse
Solved (see edit history)
Link to comment
Share on other sites

  • Jesse changed the title to [Solved]Incorrect order with product prices
  • 3 weeks later...

I have almost certainly confirmed this issue,

and 

https://www.prestashop.com/forums/topic/1053817-missed-order-no-address/

 

As a hack attempt via SQL injection.

 

This is a real weak spot i am aware a module can be purchased.

 

There was a SQL injection security breech with Prestashop a couple versions ago however seemed unrelated to this shop as it is not running the comments module.

Its seems this has started a Prestashop SQL Injection game around the internet,two outdated sites have been affected from observation.

One has a 600mb SQL database

Link to comment
Share on other sites

On 10/24/2021 at 2:14 PM, Jesse said:

I have almost certainly confirmed this issue,

and 

https://www.prestashop.com/forums/topic/1053817-missed-order-no-address/

 

As a hack attempt via SQL injection.

 

This is a real weak spot i am aware a module can be purchased.

 

There was a SQL injection security breech with Prestashop a couple versions ago however seemed unrelated to this shop as it is not running the comments module.

Its seems this has started a Prestashop SQL Injection game around the internet,two outdated sites have been affected from observation.

One has a 600mb SQL database

It is not a Prestashop's Security fault,it was an outdated computer used to access the admin.

I will be moving this business to Ubuntu Linux  for accessing the admin 

Link to comment
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...