Description
In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6
Remediation
References
Related Vulnerabilities
Oracle JRE CVE-2014-2401 Vulnerability (CVE-2014-2401)
MediaWiki Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-6455)
Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2015-0211)
Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-3057)
Microsoft SQL Server CVE-2023-36728 Vulnerability (CVE-2023-36728)