PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. PrestaShop suffers from a SQL injection vulnerability that stems from the applicationβs lack of validation of externally entered SQL statements. A remote attacker can exploit this vulnerability to elevate privileges and obtain sensitive information via the BaproductzoommagnifierZoomModuleFrontController::run() method.