CVE-2020-15160

Severity CVSS v4.0:
Pending analysis
Type:
CWE-89 SQL Injection
Publication date:
24/09/2020
Last modified:
05/05/2021

Description

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8

Vulnerable products and versions

CPE From Up to
cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:* 1.7.5.0 (including) 1.7.6.8 (excluding)