CVE-2022-36408 Information

Description

PrestaShop 1.6.0.10 through 1.7.x before 1.7.8.2 allows remote attackers to execute arbitrary code aka a \previously unknown vulnerability chain\ related to SQL injection as exploited in the wild in July 2022.

Reference

https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/