10 matches found
VulnCheck KEV: CVE-2023-27032
Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups...
CVE-2025-69633
A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...
CVE-2025-69633
A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...
CVE-2025-69633
A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...
CVE-2025-69633
A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...
CVE-2025-69633
A SQL Injection vulnerability in the Advanced Popup Creator advancedpopupcreator module for PrestaShop 1.1.26 through 1.2.6 Fixed in version 1.2.7 allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is...
CVE-2025-69633
CVE-2025-69633 is a SQL injection vulnerability in the PrestaShop Advanced Popup Creator module, affecting versions 1.1.26–1.2.6 (fixed in 1.2.7). The flaw allows remote, unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller, with the ...
PT-2026-8039
Name of the Vulnerable Software and Affected Versions PrestaShop Advanced Popup Creator module versions 1.1.26 through 1.2.6 Description A SQL Injection issue exists in the Advanced Popup Creator module for PrestaShop. The issue is due to unsanitized data being passed to SQL queries within the...
PrestaShop SQL注入漏洞
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides a variety of payment methods, short message alerts and product image scaling and other features. A security vulnerability exists in PrestaShop advancedpopupcreator versions v1.1.21...
PT-2023-20908 · Prestashop · Prestashop Advancedpopupcreator
Name of the Vulnerable Software and Affected Versions: Prestashop advancedpopupcreator versions 1.1.21 through 1.1.24 Description: The issue is related to a SQL injection vulnerability. It affects the component AdvancedPopup::getPopups. Recommendations: For versions 1.1.21 through 1.1.24, conside...