Entreprise française de cybersécurité depuis 2004
☎ 03 60 47 09 81 - info@securiteinfo.com
☎ 03 60 47 09 81 - info@securiteinfo.com
PrestaShop before 1.6.1.20 and 1.7.x before 1.7.3.4 mishandles cookie encryption in Cookie.php, Rinjdael.php, and Blowfish.php.
- https://www.exploit-db.com/exploits/45046/
- https://www.exploit-db.com/exploits/45047/
- https://github.com/0xT11/CVE-POC
- https://github.com/ARPSyndicate/cve-scores
- https://github.com/ambionics/prestashop-exploits
- https://github.com/zapalm/prestashop-security-vulnerability-checker