Prestashop · Productcomments · CVE-2020-26248
**Name of the Vulnerable Software and Affected Versions**
PrestaShop module "productcomments" versions prior to 4.2.1
**Description**
The issue allows an attacker to use a Blind SQL injection to retrieve data or stop the MySQL service.
**Recommendations**
For PrestaShop module "productcomments" versions prior to 4.2.1, update to version 4.2.1 to resolve the issue.