Description
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.
Remediation
References
Related Vulnerabilities
WordPress Plugin Image Gallery-Responsive Photo Gallery SQL Injection (1.8.9)
WordPress Plugin SAML SP Single Sign On-SSO login Cross-Site Scripting (4.8.83)
TYPO3 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2017-14251)
WordPress Plugin Broken Link Manager Cross-Site Scripting (0.5.5)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5868)