Prestashop PrestaShop SQL注入漏洞

漏洞信息详情

PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。

PrestaShop 1.7.5.0版本，1.7.6.8之前版本中存在SQL注入漏洞，该漏洞允许攻击者发起SQL注入攻击。

目前厂商已发布升级补丁以修复漏洞，补丁获取链接：

https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8

来源:MISC

链接:https://packetstormsecurity.com/files/162140/PrestaShop-1.7.6.7-SQL-Injection.html

来源:MISC

链接:https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.6.8

来源:MISC

链接:https://github.com/PrestaShop/PrestaShop/commit/3fa0dfa5a8f4b149c7c90b948a12b4f5999a5ef8

来源:CONFIRM

链接:https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-fghq-8h87-826g

来源:cxsecurity.com

链接:https://cxsecurity.com/issue/WLB-2021040057

来源:packetstormsecurity.com

链接:https://packetstormsecurity.com/files/162140/PrestaShop-1.7.6.7-SQL-Injection.html

来源:nvd.nist.gov

链接:https://nvd.nist.gov/vuln/detail/CVE-2020-15160

来源:www.exploit-db.com

链接:https://www.exploit-db.com/exploits/49755

暂无