GitHub Advisory Database: GHSA-8R4M-5P6P-52RP
Published: Apr 26, 2023 - 4:03 p.m.

Arbitrary file read via SQL injection

CWE-89
Source: GitHub Advisory Database (github.com)
Tags: sql injection, arbitrary file read, operating system, select request, patches, software

CVSS3: 7.7 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N)

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: LOW
User Interaction: NONE
Scope: CHANGED
Confidentiality Impact: HIGH
Integrity Impact: NONE
Availability Impact: NONE

EPSS: 0.001 (percentile 45.4%)

Impact

A user with access to the SQL Manager (Advanced Options -> Database) can read arbitrary files from the operating system by calling the SQL function LOAD_FILE in a SELECT statement, and can therefore obtain critical information from the host. Note that LOAD_FILE reads the file as the MySQL server process and returns NULL unless the database account holds the FILE privilege and the path is permitted by secure_file_priv; a shop whose database user has that privilege (or whose server leaves secure_file_priv empty) gives every back-office user with SQL Manager access a file read primitive on the database host.
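As an added example, and not code from the advisory or from PrestaShop itself, the Python check below shows the allow-list a SQL manager needs before handing a user-supplied query to MySQL: blank string literals, drop comments the way the server does while keeping the body of MySQL versioned comments (which the server executes), then accept only a single SELECT whose tokens never include LOAD_FILE. It also rejects the matching write primitives INTO OUTFILE and INTO DUMPFILE, which goes beyond the read-only case the advisory describes. The function names, the deny-lists and the sample queries are all constructed for this example.

```python
import re

# Constructed deny-lists for this example (not PrestaShop's own list).
# LOAD_FILE is the read primitive named in the advisory; INTO OUTFILE and
# INTO DUMPFILE are the matching write primitives (an assumption of this
# example: a SQL manager should refuse those as well).
FILE_FUNCTIONS = {"load_file"}
FILE_CLAUSES = {("into", "outfile"), ("into", "dumpfile")}

_WORD = re.compile(r"[A-Za-z_][A-Za-z0-9_$]*")


def normalize(sql: str) -> str:
    """Blank string literals and drop comments the way mysqld does.

    Ordinary /* */, "-- " and "#" comments are removed, but the body of a
    versioned comment /*!50000 ... */ is kept because the server executes it;
    a filter that simply deletes all comments would miss LOAD_FILE hidden there.
    """
    out = []
    i, n = 0, len(sql)
    while i < n:
        c, two = sql[i], sql[i:i + 2]
        if c in ("'", '"'):
            # string literal: skip to the matching quote, honouring \' and ''
            j = i + 1
            while j < n:
                if sql[j] == "\\":
                    j += 2
                    continue
                if sql[j] == c:
                    if sql[j + 1:j + 2] == c:
                        j += 2
                        continue
                    break
                j += 1
            out.append(" '?' ")
            i = j + 1
        elif two == "/*":
            end = sql.find("*/", i + 2)
            end = n if end == -1 else end
            body = sql[i + 2:end]
            if body.startswith("!"):
                # versioned comment: keep the code, drop the marker and version
                out.append(" " + body[1:].lstrip("0123456789") + " ")
            else:
                out.append(" ")
            i = end + 2
        elif (two == "--" and (i + 2 >= n or sql[i + 2] in " \t\n")) or c == "#":
            # line comment: everything up to the end of the line is ignored
            end = sql.find("\n", i)
            i = n if end == -1 else end
        else:
            out.append(c)
            i += 1
    return "".join(out)


def check_sql_manager_query(sql: str) -> tuple[bool, str]:
    """Return (allowed, reason) for a query typed into a back-office SQL manager.

    Policy: exactly one statement, it must be a SELECT, and no token may be a
    filesystem function or clause. Tokens are compared case-insensitively, so
    LoAd_FiLe, or a name split from its parenthesis by a comment, is still caught.
    """
    text = normalize(sql)
    statements = [s for s in text.split(";") if s.strip()]
    if len(statements) != 1:
        return False, "exactly one statement is allowed"
    words = [w.lower() for w in _WORD.findall(statements[0])]
    if not words or words[0] != "select":
        return False, "only SELECT statements are allowed"
    for w in words:
        if w in FILE_FUNCTIONS:
            return False, f"forbidden function {w.upper()}()"
    for a, b in zip(words, words[1:]):
        if (a, b) in FILE_CLAUSES:
            return False, f"forbidden clause {a.upper()} {b.upper()}"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample queries: what a back-office user might submit.
    samples = [
        "SELECT id_customer, email FROM ps_customer WHERE id_customer = 1",
        "SELECT LOAD_FILE('/etc/passwd')",
        "SELECT LoAd_FiLe/**/('/etc/passwd')",
        "SELECT /*!50000 LOAD_FILE */('/etc/passwd')",
        "SELECT 'LOAD_FILE' AS literal_text",
        "SELECT 1; SELECT LOAD_FILE('/etc/passwd')",
        "SELECT * FROM ps_customer INTO OUTFILE '/tmp/customers.txt'",
    ]
    for q in samples:
        allowed, reason = check_sql_manager_query(q)
        print(f"{'ALLOW' if allowed else 'DENY ':5} {reason:38} {q}")
```

The token-level check is deliberately conservative (a column literally named load_file is refused too). It should sit behind a database-level control rather than replace it: run the shop's database account without the FILE privilege and set secure_file_priv on the server, so that LOAD_FILE returns NULL even if an application-level filter is bypassed.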

Patches

The fix is included in PrestaShop 8.0.4 and PrestaShop 1.7.8.9; upgrade to those releases or later.

Affected configurations

prestashop/prestashop < 1.7.8.9
OR
prestashop/prestashop < 8.0.4
