Security
Headlines
HeadlinesLatestCVEs

Headline

GHSA-qv6h-pcf2-2w3g: Duplicate Advisory GHSA-hrgx-p36p-89q4

Duplicate Advisory

This advisory is a duplicate of GHSA-hrgx-p36p-89q4. This link is maintained to preserve external references.

Original Description

PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection, as exploited in the wild in July 2022.

ghsa
#sql#vulnerability#git

Duplicate Advisory GHSA-hrgx-p36p-89q4

Critical severity GitHub Reviewed Published Jul 23, 2022 • Updated Aug 5, 2022

Related news

PrestaShop warns of vulnerability: Update your stores now!

We take a look at a security advisory from PrestaShop which warns of compromised stores and redirected payment data. The post PrestaShop warns of vulnerability: Update your stores now! appeared first on Malwarebytes Labs.

Hackers Exploit PrestaShop Zero-Day to Steal Payment Data from Online Stores

Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to swipe sensitive information. "Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites," the company noted in an advisory published on July 22. PrestaShop is

CVE-2022-36408: Major Security Vulnerability on PrestaShop Websites

PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a "previously unknown vulnerability chain" related to SQL injection, as exploited in the wild in July 2022.