# PrestaShop

{{#include ../../banners/hacktricks-training.md}}

## From XSS to RCE

- [**PrestaXSRF**](https://github.com/nowak0x01/PrestaXSRF): PrestaShop Exploitation Script that elevate **XSS to RCE or Others Critical Vulnerabilities.** For more info check [**this post**](https://nowak0x01.github.io/papers/76bc0832a8f682a7e0ed921627f85d1d.html). It provides **provides support for PrestaShop Versions 8.X.X and 1.7.X.X, and allows to:**
  - _**(RCE) PSUploadModule(); - Upload a custom Module:**_ Upload a Persistent Module (backdoor) to PrestaShop.

{{#include ../../banners/hacktricks-training.md}}