cvedb.io
CVE-2022-46158
MEDIUM · CVSS 5.3
EPSS exploitation probability: 0%
Published 2022-12-08T22:15:10.640 · Last modified 2026-06-17T05:11:19.667

Summary

PrestaShop is an open-source e-commerce solution. Versions prior to 1.7.8.8 did not properly restrict host filesystem access for users. Users may have been able to view the contents of the upload directory without appropriate permissions. This issue has been addressed and users are advised to upgrade to version 1.7.8.8. There are no known workarounds for this issue.

Affected products

prestashop — prestashop

Does this affect you?

Add your gear to cvedb and we'll alert you only when prestashop ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.