PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. PrestaShop suffers from a SQL injection vulnerability that stems from the module having sensitive SQL calls that can be executed via simple http calls and utilized for SQL injection. An attacker can exploit this vulnerability to cause SQl injection.
CPE | Name | Operator | Version |
---|---|---|---|
prestashop prestashop | lt | 1.8.4 |