Description
The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter.
Remediation
References
Related Vulnerabilities
Liferay DXP Insufficient Session Expiration Vulnerability (CVE-2021-33322)
Oracle Application Server CVE-2006-3709 Vulnerability (CVE-2006-3709)
MyBB Other Vulnerability (CVE-2007-1963)
WordPress Plugin Calendar Event Multi View Multiple Vulnerabilities (1.1.4)
WordPress Plugin 123ContactForm for WordPress Multiple Vulnerabilities (1.5.6)