Description
PrestaShop is a fully scalable open source e-commerce solution. In PrestaShop before version 1.7.2 the soft logout system is not complete and an attacker is able to foreign request and executes customer commands. The problem is fixed in 1.7.7.2
Remediation
References
Related Vulnerabilities
WordPress Plugin WP eCommerce 'wpsc-transaction_results_functions.php' SQL Injection (3.8.7.5)
WordPress Plugin Email Log Information Disclosure (1.9)
Coppermine Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2008-3481)
Moodle Resource Management Errors Vulnerability (CVE-2014-7847)