prestashop/prestashop is vulnerable to SQL injection. An attacker is able to execute arbitrary SQL queries on the target system via sending specifically crafted input through the vulnerable fetch
and save
methods which in turn call PHP’s Eval
function.
CPE | Name | Operator | Version |
---|---|---|---|
prestashop/prestashop | le | 1.7.8.7-dev | |
prestashop/prestashop | le | 1.7.8.7-dev |