Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
External control of configuration setting in the dashboard in PrestaShop
Vulnerability Description
In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:L
Vulnerability Type
N/A
Vulnerability Title
PrestaShop 安全漏洞
Vulnerability Description
PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop 1.6.0.1版本和1.7.6.6之前版本(已在1.7.6.6版本中修复)中存在安全漏洞。攻击者可利用该漏洞重写所有配置变量。
CVSS Information
N/A
Vulnerability Type
N/A