Description
PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8
Remediation
References
Related Vulnerabilities
Jenkins Other Vulnerability (CVE-2015-5319)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2021-20281)
Liferay Portal Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2025-43762)
Chamilo URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2026-32932)