Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Improper Authentication
Vulnerability Description
In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, the authentication system is malformed and an attacker is able to forge requests and execute admin commands. The problem is fixed in 1.7.6.6.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:L
Vulnerability Type
认证机制不恰当
Vulnerability Title
PrestaShop 授权问题漏洞
Vulnerability Description
PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop 1.5.0.0之后版本(已在1.7.6.6版本中修复)中存在授权问题漏洞,该漏洞源于身份验证系统格式错误。攻击者可利用该漏洞发出外部请求并执行管理命令。
CVSS Information
N/A
Vulnerability Type
N/A