CRITICAL 9.1
GHSA-gf46-prm4-56pc
PrestaShop SQL manager vulnerability
Details
### Impact Remote code execution through SQL injection and arbitrary file write in back office
### Patches 1.7.8.10 8.0.5 8.1.1
### Found by Truff (via yeswehack)
### Workarounds none
### References none
Are you affected?
Enter the version of the package you're using.
Affected packages
Packagist / prestashop/prestashop
Introduced in:
8.1.0 Fixed in: 8.1.1 Fix
composer require prestashop/prestashop:^8.1.1 Packagist / prestashop/prestashop
Introduced in:
8.0.0 Fixed in: 8.0.5 Fix
composer require prestashop/prestashop:^8.0.5 Packagist / prestashop/prestashop
Introduced in:
0 Fixed in: 1.7.8.10 Fix
composer require prestashop/prestashop:^1.7.8.10