CVE-2018-8823 — AI Deep Analysis Summary

🚨 **Essence**: A critical flaw in the 'Responsive Mega Menu Pro' module for PrestaShop. 📉 **Consequences**: Allows **Remote Code Execution (RCE)** and **SQL Injection (SQLi)**.…

🛡️ **Root Cause**: Improper input validation in `modules/bamegamenu/ajax_phpcode.php`. The `code` parameter accepts function calls directly, leading to **CWE-94** (Code Injection) and **CWE-89** (SQL Injection).

📦 **Affected**: PrestaShop versions **1.5.5.0 to 1.7.2.5**. Specifically, the **Responsive Mega Menu Pro module v1.0.32**. 🌐 **Vendor**: PrestaShop (Open-source e-commerce).

💀 **Attacker Power**: Full **Remote Code Execution** (run arbitrary PHP code) and **SQL Injection** (dump/modify DB). ⚠️ **Impact**: Complete site compromise, data breach, or server takeover. No admin access needed.

🔓 **Threshold**: **LOW**. It is a **Remote** vulnerability. No authentication required. Attackers can exploit it via HTTP requests to the specific endpoint. 🚀 Easy to automate.

🔍 **Public Exp?**: **YES**. Proof of Concept (PoC) exists in public repositories (e.g., ProjectDiscovery Nuclei templates). Wild exploitation is likely possible using automated scanners. 🕸️

🔎 **Self-Check**: Scan for the file path: `/modules/bamegamenu/ajax_phpcode.php`. Use tools like Nuclei or Burp Suite to test the `code` parameter for injection payloads. 🧪

🩹 **Fix**: Update the **Responsive Mega Menu Pro module** to a patched version (if available) or remove the vulnerable module entirely. 🛑 PrestaShop core update alone may not fix this module-specific issue.

🚧 **No Patch?**: **Disable/Remove** the 'Responsive Mega Menu Pro' module immediately. 🚫 Block access to `/modules/bamegamenu/` via WAF rules. Restrict server permissions to limit RCE impact.

🔥 **Urgency**: **CRITICAL**. High severity (RCE/SQLi), low exploitation barrier, and public PoCs exist. Patch or mitigate **IMMEDIATELY**. ⏳