VDB
KO
CRITICAL 9.1

GHSA-gf46-prm4-56pc

PrestaShop SQL manager vulnerability

Details

### Impact Remote code execution through SQL injection and arbitrary file write in back office

### Patches 1.7.8.10 8.0.5 8.1.1

### Found by Truff (via yeswehack)

### Workarounds none

### References none

Are you affected?

Enter the version of the package you're using.

Affected packages

Packagist / prestashop/prestashop
Introduced in: 8.1.0 Fixed in: 8.1.1
Fix composer require prestashop/prestashop:^8.1.1
Packagist / prestashop/prestashop
Introduced in: 8.0.0 Fixed in: 8.0.5
Fix composer require prestashop/prestashop:^8.0.5
Packagist / prestashop/prestashop
Introduced in: 0 Fixed in: 1.7.8.10
Fix composer require prestashop/prestashop:^1.7.8.10

References