PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-8824 - Vulnerability Database

PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability - CVE-2018-8824

Critical
Reference: CVE-2018-8824
Title: PrestaShop Improper Neutralization of Special Elements used in an SQL Command (SQL Injection) Vulnerability
Overview:

modules/bamegamenu/ajax_phpcode.php in the Responsive Mega Menu (HorizontalVerticalDropdown) Pro module 1.0.32 for PrestaShop 1.5.5.0 through 1.7.2.5 allows remote attackers to execute a SQL Injection through function calls in the code parameter.