Description

In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6

Remediation

References

CVE-2020-15082

Related Vulnerabilities

WordPress Plugin WP Private Message Insecure Direct Object Reference (1.0.5)

SharePoint CVE-2019-1034 Vulnerability (CVE-2019-1034)

Joomla Improper Access Control Vulnerability (CVE-2015-7899)

WordPress Plugin Visitor Traffic Real Time Statistics Security Bypass (2.11)

Internet Information Services Other Vulnerability (CVE-2000-0884)

Severity

High

Classification

CVE-2020-15082 CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities