PrestaShop 1.6.x before 1.6.1.23 and 1.7.x before 1.7.4.4 allows remote attackers to execute arbitrary code via a file upload.
{ "source": "CPE_RANGE", "cpe": "cpe:2.3:a:prestashop:prestashop:*:*:*:*:*:*:*:*", "extracted_events": [ { "introduced": "1.6.0.1" }, { "fixed": "1.6.1.23" }, { "introduced": "1.7.0.0" }, { "fixed": "1.7.4.4" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-19126.json"