This module addresses a critical Chain SQL Injection vulnerability affecting PrestaShop stores, identified under CVE-2022-36408 and CVE-2022-31181. By installing it as a standard add-on, the module replaces or copies the necessary core files to patch the security flaw without requiring manual file editing. It provides a straightforward remediation path for store owners who cannot immediately upgrade their PrestaShop installation.
- Patches CVE-2022-36408 and CVE-2022-31181 Chain SQL Injection vulnerabilities
- Installs as a standard ZIP add-on — no manual file editing required
- Uninstalling the module reverts the patched files, re-exposing the vulnerability
- Leaves a residual "cvepatches" folder in the
/classes directory upon uninstall, which must be removed manually
This module is intended for PrestaShop merchants who need a quick, installable fix for the Chain SQL Injection vulnerability and cannot apply the patch through other means. Store owners should be aware that removing the module will undo the security fix, and should plan accordingly to apply a permanent solution through a full platform upgrade when possible.
Comments (0)
Your review appreciation cannot be sent
Report comment
Report sent
Your report cannot be sent