Prestashop Cartium 1.3.3 Cross Site Scripting

Hello, In Prestashop Cartium 1.3.3 I have detected multiple Cross Site Scripting XSS vulnerabilities: File Field categoty.php idcategory product.php idproduct search.php searchquery Test pattern for vulnerable versions: "alert1 Kind Regards Antonio San Martino...

Prestashop Cartium 1.3.3 - 0.246s SQL Injection

Vulnerable software and vendor: Prestashop, verion: 1.3.3 - 0.246s Sql Injection Vulnerabilities Vulnerable File Vulnerable Field category.php idcategory cart.php idproduct product.php idproduct Vulnerability details: just inject ' and you get sql eror...