R00Tpgp

**Name of the Vulnerable Software and Affected Versions** PrestaShop versions 1.7.5.0 through 1.7.6.7 **Description** The issue concerns a blind SQL Injection attack in the Catalog Product edition page, specifically with the `location` parameter. This allows for unauthorized access to database information. The problem is fixed in version 1.7.6.8. **Recommendations** For PrestaShop versions 1.7.5.0 through 1.7.6.7, update to version 1.7.6.8 to resolve the issue. As a temporary workaround, consider restricting access to the Catalog Product edition page until the update is applied.