Описание
Duplicate Advisory GHSA-hrgx-p36p-89q4
Duplicate Advisory
This advisory is a duplicate of GHSA-hrgx-p36p-89q4. This link is maintained to preserve external references.
Original Description
PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a "previously unknown vulnerability chain" related to SQL injection, as exploited in the wild in July 2022.
Пакеты
prestashop/prestashop
>= 1.6.0.10, < 1.7.8.2
1.7.8.2
Связанные уязвимости
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-31181. Reason: This candidate is a duplicate of CVE-2022-31181. A typo caused the wrong ID to be used. Notes: All CVE users should reference CVE-2022-31181 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage
Уязвимость веб-приложения для электронной коммерции с открытым кодом PrestaShop, связанная с непринятием мер по защите структуры SQL-запроса, позволяющая нарушителю выполнить произвольный код