Unrated severityNVD Advisory· Published Sep 24, 2020· Updated Aug 4, 2024
Blind SQL Injection in PrestaShop
CVE-2020-15160
Description
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2>=1.7.5.0, <1.7.6.8+ 1 more
- (no CPE)range: >=1.7.5.0, <1.7.6.8
- (no CPE)range: >= 1.7.5.0, < 1.7.6.8
Patches
Vulnerability mechanics
References
4- packetstormsecurity.com/files/162140/PrestaShop-1.7.6.7-SQL-Injection.htmlmitrex_refsource_MISC
- github.com/PrestaShop/PrestaShop/commit/3fa0dfa5a8f4b149c7c90b948a12b4f5999a5ef8mitrex_refsource_MISC
- github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8mitrex_refsource_MISC
- github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fghq-8h87-826gmitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.