V1.7 MODULE TO FIX VULNERABILITY GHSA-6xxj-gcjq-wgf4 (AFFECTED PS 1.7.5.0 -> 1.7.8.1)

[stronzodicane]

A security flaw has been detected in Prestashop that potentially allows malicious people to compromise the integrity of the ecommerce. The Prestashop versions affected are:
Prestashop 1.7.5.0 -> 1.7.8.1

To solve and correct the problem it is necessary to update Prestashop to version 1.7.8.2 or to intervene in a targeted way by applying dedicated patches. Below is the link for more information:

Blind SQLi using Search filters

### Impact Blind SQLi using Search filters with `orderBy` and `sortOrder` parameters ### Patches The problem is fixed in 1.7.8.2 ### References [SQL Injection (CWE-89) ](https://cwe.mitr...

github.com

 

[AllforWEB]

Upsss.. Thanks

 

[d-shilko]

A security flaw has been detected in Prestashop that potentially allows malicious people to compromise the integrity of the ecommerce. The Prestashop versions affected are:
Prestashop 1.7.5.0 -> 1.7.8.1

To solve and correct the problem it is necessary to update Prestashop to version 1.7.8.2 or to intervene in a targeted way by applying dedicated patches. Below is the link for more information:

Blind SQLi using Search filters

### Impact Blind SQLi using Search filters with `orderBy` and `sortOrder` parameters ### Patches The problem is fixed in 1.7.8.2 ### References [SQL Injection (CWE-89) ](https://cwe.mitr...

github.com

Hello I need tip. Are where you download this patch? Provide please link of page. Thanks in advance.

 

[Cierrex]

thanks

 

[x50902Ty]

thank you

 

[billoceceo]

thank you

 

[stronzodicane]

Hello I need tip. Are where you download this patch? Provide please link of page. Thanks in advance.

u can open the php files and verify genuine code. I realized this patch ...

 

[d-shilko]

u can open the php files and verify genuine code. I realized this patch ...

Bro I understand code. I have to interesting where you got this patch - I need source for future!
Thank you in advance.

 

[neocol]

Nice

 

[hegBIT]

thanks

 

[unione]

OTTIMO

 

[ilsanto64]

Upsss.. Thanks

 

[cotoletta]

Thank you so much

 

[cuttydark]

thanks

 

[darksabi]

Thanks.

 

[urernamer]

ty

 

[BabyBoss]

u can open the php files and verify genuine code. I realized this patch ...

I'm not sure to understand what you did : you compile the pull request detail on github for this security fix (GHSA-6xxj-gcjq-wgf4) into a module and you release it here for earning Nullcash ?

Bro I understand code. I have to interesting where you got this patch - I need source for future!
Thank you in advance.

You have to go on github every time to find the fix. Here is the detail for this specific fix : https://github.com/PrestaShop/PrestaShop/commit/6482b9ddc9dcebf7588dbfd616d2d635218408d6

 

[d-shilko]

I'm not sure to understand what you did : you compile the pull request detail on github for this security fix (GHSA-6xxj-gcjq-wgf4) into a module and you release it here for earning Nullcash ?


You have to go on github every time to find the fix. Here is the detail for this specific fix : https://github.com/PrestaShop/PrestaShop/commit/6482b9ddc9dcebf7588dbfd616d2d635218408d6

I'll try to explain my question again. Where you download this patch?

 

[BabyBoss]

I'm pretty sure there is no patch at all..
Stronzodicane made this patch by himself (I'll not spend nullcash to see what it contains) I guess it's the 2 or 3 modified php files you need to replace in the dedicated directories.

 

[x50902Ty]

nice plugin