PrestaShop Improper Authentication Vulnerability (CVE-2020-15079)

Description

In PrestaShop from version 1.5.0.0 and before version 1.7.6.6, there is improper access control in Carrier page, Module Manager and Module Positions. The problem is fixed in version 1.7.6.6

Remediation

References

CVE-2020-15079

Related Vulnerabilities

WordPress Plugin UpdraftPlus WordPress Backup Security Bypass (1.22.1)

MySQL CVE-2022-21607 Vulnerability (CVE-2022-21607)

PHP Other Vulnerability (CVE-2003-0860)

MySQL Resource Management Errors Vulnerability (CVE-2010-3833)

PHP Server-Side Request Forgery (SSRF) Vulnerability (CVE-2017-7272)

Severity

Medium

Classification

CVE-2020-15079 CWE-287 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:N