Sql injection

2022-11-1017:15:00

PRIOn knowledge base

www.prio-n.com

prestashop

gdpr

sql injection

nvd

9.5 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

49.0%

The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie ( lgcookieslaw or __lglaw ).

CPENameOperatorVersion
eu_cookie_law_gdprlt2.1.3

CPE	Name	Operator	Version
	eu_cookie_law_gdpr	lt	2.1.3

References

addons.prestashop.com/en/legal/8734-eu-cookie-law-gdpr-banner-blocker.html

securityandstuff.com/posts/cve-2022-44727/

www.lineagrafica.es/modp/lgcookieslaw/en/readme_en.pdf