Jump to content

[Template] Prestashop and Wordpress Theme by PrestaDesigner.com


Recommended Posts

  • 10 months later...

Not recommended.

I ordered yesterday a theme from them and i don`t received the download link. I wrote them an email and they have not bothered to answer me.

It seems that online support is down and can not trust them.

 

Nicht empfohlen.

 

Ich bestellte gestern ein Thema aus ihnen und i don `t erhalten den Download-Link. Ich schrieb sie eine E-Mail und sie haben keine Lust, mir zu antworten.

 

Es scheint, dass Online-Support ist nach unten und kann ihnen nicht trauen.

Link to comment
Share on other sites

  • 3 months later...

Not recommended!

 

Prestadesigner are shipping vulnerable modules and refuse to fix them, saying that since the vulnerability is in the backoffice, everything is OK.

 

There is a security issue in the Slide Show Home Block. It allows an authenticated user to upload PHP scripts using multiple extensions, e.g. webshell.php.gif

 

While it is true that the an access to the module configuration is required to exploit this issue, users of the application should not have the ability to upload files which, depending on the server configuration, would give them shell access and command execution on the server.

Link to comment
Share on other sites

×
×
  • Create New...