2 matches found
CVE-2023-30545 PrestaShop arbitrary file read vulnerability
PrestaShop is an Open Source e-commerce web application. Prior to versions 8.0.4 and 1.7.8.9, it is possible for a user with access to the SQL Manager Advanced Options - Database to arbitrarily read any file on the operating system when using SQL function LOADFILE in a SELECT request. This gives...
CVE-2023-30545
The CVE-2023-30545 vulnerability affects PrestaShop prior to versions 8.0.4 and 1.7.8.9. A user with access to the SQL Manager (Advanced Options → Database) can read arbitrary files on the operating system by using the SQL function LOAD_FILE in a SELECT request, exposing confidential information....