CVE-2020-15082

See a problem?
Please try reporting it to the source first.

Source

https://cve.org/CVERecord?id=CVE-2020-15082

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15082.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2020-15082

Related

GHSA-mc98-xjm3-c4fm

Published

2020-07-02T17:15:12.357Z

Modified

2026-04-10T04:22:48.502135Z

Severity

8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator

Summary

[none]

Details

In PrestaShop from version 1.6.0.1 and before version 1.7.6.6, the dashboard allows rewriting all configuration variables. The problem is fixed in 1.7.6.6

References

Affected packages

Git / github.com/prestashop/prestashop

Affected ranges

Type

GIT

Repo

https://github.com/prestashop/prestashop

Events

Introduced

3f5963885e0a8ac9e235cae2da8cf597df6a6e73

Fixed

b2956eec991d4bdc0651862557afc472c04ae8cc

Fixed

0f0d6238169a79d94f5ef28d24e60a9be8902f4b

Database specific

{
    "versions": [
        {
            "introduced": "1.6.0.1"
        },
        {
            "fixed": "1.7.6.6"
        }
    ]
}

Affected versions

1.*

1.6.0.1

1.6.0.3

1.6.1.0

1.7.0.0-beta.1.0

1.7.0.0-beta.2.0

1.7.0.0-beta.4.0

1.7.0.0-rc.0.0

1.7.6.0

1.7.6.0-rc.1

1.7.6.0-rc.2

1.7.6.1

1.7.6.3

1.7.6.4

1.7.6.5

Database specific

source

"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2020-15082.json"