Description
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.
Remediation
References
Related Vulnerabilities
WordPress Plugin Data Tables Generator by Supsystic Multiple Vulnerabilities (1.9.96)
WordPress Plugin myghpay WooCommerce Payment Gateway Cross-Site Scripting (3.0)
Serendipity Other Vulnerability (CVE-2005-1451)
PrestaShop Improper Authentication Vulnerability (CVE-2020-4074)
WordPress Plugin W4 Post List Multiple Vulnerabilities (2.4.5)