Description
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 1.7.6.6.
Remediation
References
Related Vulnerabilities
WordPress Plugin wpForo Forum Multiple Vulnerabilities (2.1.7)
WordPress Plugin WP-Live Chat by 3CX Cross-Site Scripting (8.0.27)
Jboss EAP Credentials Management Errors Vulnerability (CVE-2012-0034)
WordPress Plugin Profile Builder-User Profile & User Registration Forms Cross-Site Scripting (3.4.7)