SQL Injection Affecting prestashop/prestashop package, versions >=1.6.0.10, <1.7.8.7
Threat Intelligence
Snyk has a published code exploit for this vulnerability.
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-PHP-PRESTASHOPPRESTASHOP-2959890
- published24 Jul 2022
- disclosed24 Jul 2022
- creditUnknown
Introduced: 24 Jul 2022
CVE-2022-31181 (opens in a new tab)How to fix?
Upgrade prestashop/prestashop to version 1.7.8.7 or higher.
Overview
prestashop/prestashop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers.
Affected versions of this package are vulnerable to SQL Injection via a sequence of specially crafted HTTP requests to a vulnerable endpoint, a malicious actor may leverage a found SQLi to RCE.
Versions 1.7.8.2 and greater are not vulnerable to the previously found SQLi in this library (CVE-2021-43789 unless they are running a module or custom code which itself includes an SQL injection vulnerability that may enable this attack chain.
Note: CVE-2022-36408 is a duplicate of CVE-2022-31181.
Mitigation:
If upgrading is not possible it is recommended to physically disable the MySQL Smarty cache storage features in PrestaShop’s code, as it is suspected of being used as part of the attack vector:
In the config/smarty.config.inc.php file remove this line:
if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
$smarty->caching_type = 'mysql';
}```