01642 06 11 11 Arrange Call

Blind SQL Injection Vulnerability in PrestaShop Catalog Product Edition Page

CVE-2020-15160 · CRITICAL

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE-2020-15160

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.