Vulnerabilities > Prestashop > Critical

DATE CVE VULNERABILITY TITLE RISK
2018-05-10 CVE-2018-8824 SQL Injection vulnerability in multiple products
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter.
network
low complexity
responsive-mega-menu-pro-project prestashop CWE-89
critical
9.8
2018-03-28 CVE-2018-8823 Code Injection vulnerability in multiple products
modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (Horizontal+Vertical+Dropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute arbitrary PHP code via the code parameter.
network
low complexity
responsive-mega-menu-pro-project prestashop CWE-94
critical
9.8