Description
PrestaShop is an Open Source e-commerce web application. Versions prior to 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.
Remediation
References
Related Vulnerabilities
PostgreSQL Numeric Errors Vulnerability (CVE-2010-0442)
WordPress 4.8.x Multiple Vulnerabilities (4.8 - 4.8.10)
Drupal Core 7.x Cross-Site Request Forgery (7.0 - 7.12)
WordPress Plugin Enable Media Replace Arbitrary File Upload (4.0.1)
Moodle Server-Side Request Forgery (SSRF) Vulnerability (CVE-2018-1042)