Description
File upload vulnerability in the Catalog feature in Prestashop 1.7.6.7 allows remote attackers to run arbitrary code via the add new file page.
Remediation
References
Related Vulnerabilities
WordPress Plugin Target First Live chat Unspecified Vulnerability (1.0)
WordPress Plugin BLAZE Retail Widget Malicious Code (2.5.2)
WordPress Plugin Leaky Paywall Cross-Site Scripting (4.16.5)
WordPress Plugin WP Statistics SQL Injection (13.2.8)
XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-46731)