logo

Database

Business information leak In prestashop/prestashop

Description

PrestaShop has potential Information exposure in the upload directory

Impact

Potential Information exposure in the upload directory.

Patches

Patch in PrestaShop 1.7.8.8

References

https://capec.mitre.org/data/definitions/87.html

Thanks to DZPATROL

Mitigation

Update Impact

Minimal update. May introduce new vulnerabilities or breaking changes.

Ecosystem
Package
Affected version
Patched versions

Aliases

1. CVE-2022-461582. NVD-2022-461583. OSV-2022-461584. GHSA-9qgp-9wwc-v29r5. GCVE-2022-46158

References

1. https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-9qgp-9wwc-v29r2. https://github.com/PrestaShop/PrestaShop/commit/8684d429fb7c3bb51efb098e8b92a1fd2958f8cf3. https://github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.8

Does your application use this vulnerable software?

During the free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.