Headline
GHSA-qv6h-pcf2-2w3g: Duplicate Advisory GHSA-hrgx-p36p-89q4
Duplicate Advisory
This advisory is a duplicate of GHSA-hrgx-p36p-89q4. This link is maintained to preserve external references.
Original Description
PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a “previously unknown vulnerability chain” related to SQL injection, as exploited in the wild in July 2022.
Duplicate Advisory GHSA-hrgx-p36p-89q4
Critical severity GitHub Reviewed Published Jul 23, 2022 • Updated Aug 5, 2022
Related news
We take a look at a security advisory from PrestaShop which warns of compromised stores and redirected payment data. The post PrestaShop warns of vulnerability: Update your stores now! appeared first on Malwarebytes Labs.
Malicious actors are exploiting a previously unknown security flaw in the open source PrestaShop e-commerce platform to inject malicious skimmer code designed to swipe sensitive information. "Attackers have found a way to use a security vulnerability to carry out arbitrary code execution in servers running PrestaShop websites," the company noted in an advisory published on July 22. PrestaShop is
PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code, aka a "previously unknown vulnerability chain" related to SQL injection, as exploited in the wild in July 2022.