SQL Injection Affecting prestashop/prestashop package, versions >=1.6.0.10, <1.7.8.7
Snyk CVSS
Threat Intelligence
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk ID SNYK-PHP-PRESTASHOPPRESTASHOP-2959890
- published 24 Jul 2022
- disclosed 24 Jul 2022
- credit Unknown
Introduced: 24 Jul 2022
CVE-2022-31181 Open this link in a new tabHow to fix?
Upgrade prestashop/prestashop to version 1.7.8.7 or higher.
Overview
prestashop/prestashop is an Open Source e-commerce platform, committed to providing the best shopping cart experience for both merchants and customers.
Affected versions of this package are vulnerable to SQL Injection via a sequence of specially crafted HTTP requests to a vulnerable endpoint, a malicious actor may leverage a found SQLi to RCE.
Versions 1.7.8.2 and greater are not vulnerable to the previously found SQLi in this library (CVE-2021-43789 unless they are running a module or custom code which itself includes an SQL injection vulnerability that may enable this attack chain.
Note: CVE-2022-36408 is a duplicate of CVE-2022-31181.
Mitigation:
If upgrading is not possible it is recommended to physically disable the MySQL Smarty cache storage features in PrestaShop’s code, as it is suspected of being used as part of the attack vector:
In the config/smarty.config.inc.php file remove this line:
php if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') { include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php'; $smarty->caching_type = 'mysql'; }