Lucene search
K

5 matches found

Nuclei
Nuclei
added yesterday30 views

PrestaShop - SQL Injection to Eval Injection

PrestaShop versions from 1.6.0.10 and before 1.7.8.7 contain an SQL injection caused by unsanitized user input, letting attackers chain the vulnerability to call PHP's Eval function, exploit requires attacker to send malicious input. id: CVE-2022-31181 info: name: PrestaShop - SQL Injection to Ev...

9.8CVSS7.2AI score0.0517EPSS
Exploits2References4
RedhatCVE
RedhatCVE
added 2026/01/09 8:42 a.m.12 views

CVE-2022-31181

PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users...

9.8CVSS7.4AI score0.0517EPSS
Exploits2References1
CVE
CVE
added 2022/08/01 7:30 p.m.274 views

CVE-2022-31181

PrestaShop versions 1.6.0.10 through 1.7.8.7 contain an SQL injection flaw caused by unsanitized user input, which can be chained to call PHP’s Eval function. The vulnerability can lead to remote code execution and is fixed in 1.7.8.7. Upgrading to 1.7.8.7 or later is the recommended remediation;...

9.8CVSS9.5AI score0.0517EPSS
In wildExploits2References3Affected Software1
Vulnrichment
Vulnrichment
added 2022/08/01 7:30 p.m.12 views

CVE-2022-31181 Remote code execution in prestashop

PrestaShop is an Open Source e-commerce platform. In versions from 1.6.0.10 and before 1.7.8.7 PrestaShop is subject to an SQL injection vulnerability which can be chained to call PHP's Eval function on attacker input. The problem is fixed in version 1.7.8.7. Users are advised to upgrade. Users...

9.8CVSS9.6AI score0.0517EPSS
Exploits2References3
CVE
CVE
added 2022/07/22 9:7 p.m.199 views

CVE-2022-36408

CVE-2022-36408 is rejected/not used; reference CVE-2022-31181 instead.

9.3AI score
In wildExploits2
Rows per page
Query Builder