• Home
  • About
  • @sivaneshashok
  • Search
Menu
Topic 1 Post

Prestashop

Page 1 of 1

CSRF to RCE bug chain in Prestashop v1.7.6.4 and below

By Sivanesh Ashok in Vulnerabilities on 18 Apr 2020

This article is about a CSRF, XSS bug chain that is then escalated to Remote Code Execution as an unauthenticated attacker, in Prestashop (unpatched as of 18/04/2020). When the admin opens a link, the chain gets executed and the server gets pwned. If you are interested in reading…

Page 1 of 1

Topics

Vulnerabilities: 5 Privilege Escalation: 1 Dropbox: 1 CSRF: 1 SSRF: 1 Bug Bounties: 1 CVE-2019-11815: 1 Tools: 1 Hashcatch: 1 WiFi: 1 CVE-2020-2040: 1 WordPress: 1 RCE: 1 Prestashop: 1 CVEs: 1 Source Code Review: 1 CVE-2020-4041: 1
Sivanesh Ashok © 2023
  • Sign up
Published with Ghost • Theme Attila • System theme