## https://sploitus.com/exploit?id=E8928D90-57ED-5A6A-9CEF-82114C097DAC
# LabelGrup Networks, official PrestaShop Partner
Module for PrestaShop 1.6.1.X and 1.7.X to fix CVE-2022-36408 / CVE-2022-31181 vulnerability (Chain SQL Injection)
For further information, check the following links:
- CVE: https://nvd.nist.gov/vuln/detail/CVE-2022-36408
- CVE (GitHub): https://vulners.com/cve/CVE-2022-31181
- GitHub: https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-hrgx-p36p-89q4
- PrestaShop: https://build.prestashop.com/news/major-security-vulnerability-on-prestashop-websites/
**Instructions:**
1. Download the latest release from this repository.
2. Install the downloaded ZIP as a normal addon, this will replace/copy the needed files to your current PrestaShop.
3. Be aware: If you remove the addon, your PrestaShop will be reverted to its original state, exposing the vulnerability again.
**For PrestaShop 1.6 users:**
- This addon is not compatible with PrestaShop 1.6.0.X, the minimal supported version is 1.6.1.0.
- If you remove the addon, a folder named "cvepatches" will remain in your "/classes" path. Please, delete the "cvepatches" folder once the addon is uninstalled.
Visit our website:
https://www.labelgrup.com