Home / Prestashop Module Tutorials / Ap Page Builder / Security issue with the module ApPageBuilder v.2.2.4

Security issue with the module ApPageBuilder v.2.2.4

Hi
When you got error
This issue enables hackers to do SQL injections and it can be exploited because of PHP files in the module that are not secured.
Please update ApPageBuilder to latest version
If you have many edit
you can follow my guide to fix

open file
modules/appagebuilder/appagebuilder.php
find the function
public function hookProductAllOneImg($list_pro)
in this function
find the code
$where = ‘ WHERE i.`id_product` IN (‘.pSQL($list_pro).’) AND i.`id_image` NOT IN (‘.$image_product.’) AND ish.`id_shop` = ‘.Context::getContext()->shop->id;
$order = ‘ ORDER BY i.`id_product`,`position`’;

edit it to

$where = ‘ WHERE i.`id_product` IN (‘.pSQL($list_pro).’) AND i.`id_image` NOT IN (‘.pSQL($image_product).’) AND ish.`id_shop` = ‘.Context::getContext()->shop->id;

We edit (‘.$image_product.’) to (‘.pSQL($image_product).’)

see my image

About Leo Theme

Check Also

Leotheme Black Friday 2022

Prestashop Theme and Module Black Friday and Cyber Monday Sales Leotheme 2022 30% Off

Prestashop Leotheme Black Friday 2022 Promotion! Dear valued customers, Black Friday and Cyber Monday Sales …