CVE-2020-26248

In the PrestaShop module "productcomments" before version 4.2.1, an attacker can use a Blind SQL injection to retrieve data or stop the MySQL service. The problem is fixed in 4.2.1 of the module.
Configurations

Configuration 1

cpe:2.3:a:prestashop:productcomments:*:*:*:*:*:prestashop:*:*

Information

Published : 2020-12-03 09:15

Updated : 2022-01-06 02:17


NVD link : CVE-2020-26248

Mitre link : CVE-2020-26248

Products Affected
No products.
CWE