GMS-2022-3270: PrestaShop eval injection possible if shop vulnerable to SQL injection

July 29, 2022

Impact

Eval injection possible if the shop is vulnerable to an SQL injection.

Patches

The problem is fixed in version 1.7.8.7

Workarounds

Delete the MySQL Smarty cache feature by removing these lines in the file config/smarty.config.inc.php lines 43-46 (PrestaShop 1.7) or 40-43 (PrestaShop 1.6):

if (Configuration::get('PS_SMARTY_CACHING_TYPE') == 'mysql') {
  include _PS_CLASS_DIR_.'Smarty/SmartyCacheResourceMysql.php';
  $smarty->caching_type = 'mysql';
}

References

github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.7
github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4
github.com/advisories/GHSA-hrgx-p36p-89q4

Code Behaviors & Features

Detect and mitigate GMS-2022-3270 with GitLab Dependency Scanning

Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →