PrestaShop `tshirtecommerce` Module - SQL Injection

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

9 days

Scan only one

Domain, Subdomain, IPv4

Toolbox

-

The tshirtecommerce module for PrestaShop is vulnerable to unauthenticated SQL injection via the designer endpoint, allowing attackers to execute arbitrary SQL queries and extract sensitive information from the database.


References:

Remediation:
Update the tshirtecommerce module to the latest version and apply all security patches.
Get started to protecting your digital assets