Arbitrary Code Execution via File Upload in PrestaShop 1.6.x and 1.7.x

Arbitrary Code Execution via File Upload in PrestaShop 1.6.x and 1.7.x

CVE-2018-19126 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.

Learn more about our Web Application Penetration Testing UK.