Skip to content

Chain: SQL Injection (CWE-89) and Eval Injection (CWE-95)

Critical
atomiix published GHSA-hrgx-p36p-89q4 Jul 25, 2022

Package

composer prestashop/prestashop (Composer)

Affected versions

>= 1.6.0.10

Patched versions

1.7.8.7

Description

Impact

Eval injection possible if the shop is vulnerable to an SQL injection.

Patches

The problem is fixed in version 1.7.8.7

Workarounds

Delete the MySQL Smarty cache feature by removing these lines in the file config/smarty.config.inc.php lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6):

if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
    include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
    $smarty->caching_type = 'mysql';
}

Severity

Critical
9.8
/ 10

CVSS base metrics

Attack vector
Network
Attack complexity
Low
Privileges required
None
User interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
High
Availability
High
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CVE ID

CVE-2022-31181

Weaknesses