# LabelGrup Networks, official PrestaShop Partner
Module for PrestaShop 1.6.1.X and 1.7.X to fix CVE-2022-31181 vulnerability (Chain SQL Injection)
For further information, check the following links:
- CVE: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-31181
- GitHub: https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4
- PrestaShop: https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/
1. Download the latest release from this repository.
2. Install the downloaded ZIP as a normal addon, this will replace/copy the needed files to your current PrestaShop.
3. Be aware: If you remove the addon, your PrestaShop will be reverted to its original state, exposing the vulnerability again.
**For PrestaShop 1.6 users:**
- This addon is not compatible with PrestaShop 1.6.0.X, the minimal supported version is 184.108.40.206.
- If you remove the addon, a folder named "cvepatches" will remain in your "/classes" path. Please, delete the "cvepatches" folder once the addon is uninstalled.
Visit our website: