Lucene search

GitHub Advisory DatabaseGHSA-HRGX-P36P-89Q4

HistoryJul 29, 2022 - 10:27 p.m.

PrestaShop eval injection possible if shop vulnerable to SQL injection

2022-07-2922:27:27

CWE-89

CWE-95

GitHub Advisory Database

github.com

109

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

59.0%

JSON

Impact

Eval injection possible if the shop is vulnerable to an SQL injection.

Patches

The problem is fixed in version 1.7.8.7

Workarounds

Delete the MySQL Smarty cache feature by removing these lines in the file config/smarty.config.inc.php lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6):

if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
    include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
    $smarty-&gt;caching_type = 'mysql';
}

Affected configurations

Vulners

Node

prestashopprestashopRange<1.7.8.7

CPENameOperatorVersion
prestashop/prestashoplt1.7.8.7

CPE	Name	Operator	Version
	prestashop/prestashop	lt	1.7.8.7

References

github.com/advisories/GHSA-hrgx-p36p-89q4

github.com/PrestaShop/PrestaShop/commit/b6d96e7c2a4e35a44e96ffbcdfd34439b56af804

github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7

github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4

nvd.nist.gov/vuln/detail/CVE-2022-31181

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

0.002 Low

EPSS

Percentile

59.0%

JSON

Related for GHSA-HRGX-P36P-89Q4