PT-2018-18645 · Prestashop · Responsive Mega Menu+1

Andrea Iodice · Published 2018-03-28 · Updated 2018-04-24 · CVE-2018-8823

CVSS v3.1: 9.8 Critical
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

PrestaShop versions 1.5.5.0 through 1.7.2.5
Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module version 1.0.32

Description

The issue allows remote attackers to execute arbitrary PHP code. This is achieved via the code parameter in the modules/bamegamenu/ajax_phpcode.php file of the Responsive Mega Menu module.

Recommendations

For PrestaShop versions 1.5.5.0 through 1.7.2.5, consider removing or restricting access to the modules/bamegamenu/ajax_phpcode.php file until a patch is available. For the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module version 1.0.32, avoid using the code parameter in the affected API endpoint until the issue is resolved.
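
A check to run over web server access logs, showing whether the endpoint named in the description has been requested and whether an access restriction is answering those requests. This is an added example, not part of the original advisory or the module's code. It assumes the Apache/nginx combined log format; the function names, sample lines, IP addresses and PLACEHOLDER values are constructed for illustration.

```python
import posixpath
import re
from urllib.parse import parse_qs, unquote, urlsplit

# Endpoint and parameter named in the advisory description.
ENDPOINT = "/modules/bamegamenu/ajax_phpcode.php"
PARAM = "code"

# Assumption: Apache/nginx "combined" access-log format.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)

# Constructed sample lines (documentation IP ranges, placeholder values).
SAMPLE = [
    '203.0.113.7 - - [28/Mar/2018:10:01:02 +0000] "GET /modules/bamegamenu/ajax_phpcode.php?code=PLACEHOLDER HTTP/1.1" 200 12 "-" "-"',
    '203.0.113.7 - - [28/Mar/2018:10:01:05 +0000] "POST /shop/modules/bamegamenu/%61jax_phpcode.php HTTP/1.1" 200 0 "-" "-"',
    '198.51.100.4 - - [28/Mar/2018:10:02:00 +0000] "GET /modules/bamegamenu/ajax_phpcode.php?c%6fde=PLACEHOLDER HTTP/1.1" 403 199 "-" "-"',
    '198.51.100.9 - - [28/Mar/2018:10:03:00 +0000] "GET /modules/bamegamenu/views/js/menu.js HTTP/1.1" 200 5120 "-" "-"',
]

def classify(line):
    """Return a finding dict for a request to the endpoint, else None."""
    m = LINE_RE.match(line)
    if not m:
        return None
    try:
        parts = urlsplit(m["target"])
    except ValueError:  # malformed request target
        return None
    # Percent-decode and collapse "./", "../" and "//" before matching.
    path = posixpath.normpath(unquote(parts.path)).lower()
    if not path.endswith(ENDPOINT):
        return None
    has_param = PARAM in parse_qs(parts.query, keep_blank_values=True)
    served = m["status"].startswith("2")
    if has_param and served:
        severity = "high"    # parameter supplied and the script answered
    elif m["method"] == "POST" and served:
        severity = "review"  # request body is not logged; inspect further
    else:
        severity = "probe"   # blocked, missing, or no parameter seen
    return {"ip": m["ip"], "time": m["ts"], "method": m["method"],
            "status": int(m["status"]), "severity": severity}

def scan(lines):
    """Classify every line and keep only requests that hit the endpoint."""
    return [f for f in map(classify, lines) if f]
```

Once access to the file is restricted, requests to it should appear only as "probe" entries with a 4xx status; any "high" or "review" entry means the script is still being served.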

Exploit

Fix

RCE

Code Injection

Weakness Enumeration

Related Identifiers

CVE-2018-8823

Affected Products

Prestashop
Responsive Mega Menu