Blind SQL Injection Vulnerability in PrestaShop Catalog Product Edition Page

Blind SQL Injection Vulnerability in PrestaShop Catalog Product Edition Page

CVE-2020-15160 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind SQL Injection attack in the Catalog Product edition page with location parameter. The problem is fixed in 1.7.6.8

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.