Description
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
Remediation
References
Related Vulnerabilities
Oracle Application Server CVE-2006-5359 Vulnerability (CVE-2006-5359)
Cherokee Improper Input Validation Vulnerability (CVE-2009-4489)
WordPress 2.8 Multiple Existing/Non-Existing Username Enumeration Weaknesses (0.6.2 - 2.8)
PrestaShop Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2011-4545)