Описание
PrestaShop boolean SQL injection
Impact
SQL injection possible in product search field, in BO's product page
Patches
8.1.1
Found by
Aleksey Solovev (Positive Technologies)
Workarounds
none
References
none
Пакеты
Наименование
prestashop/prestashop
composer
Затронутые версииВерсия исправления
<= 8.1.0
8.1.1
Связанные уязвимости
CVSS3: 6.7
nvd
больше 2 лет назад
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, SQL injection possible in the product search field, in BO's product page. Version 8.1.1 contains a patch for this issue. There are no known workarounds.