Description
PrestaShop is an open source e-commerce web application. Prior to version 8.1.1, it is possible to delete a file from the server by using the Attachments controller and the Attachments API. Version 8.1.1 contains a patch for this issue. There are no known workarounds.
Remediation
References
Related Vulnerabilities
WordPress Plugin Rencontre-Dating Site Multiple Vulnerabilities (3.2.1)
OpenSSL Numeric Errors Vulnerability (CVE-2016-2181)
Internet Information Services Other Vulnerability (CVE-2002-0074)
WordPress Plugin Slimstat Analytics Cross-Site Scripting (0.9.2)
ownCloud Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-6403)