Lucene search
+L

4 matches found

Circl
Circl
added 2023/03/22 3:35 p.m.12 views

CVE-2023-27638

creationtimestamp| type| source ---|---|--- 2023-03-22 15:35:55+00:00| exploited| https://t.me/cibsecurity/60443 2025-05-29 13:34:47+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-27638.yaml 2025-05-31 21:02:20+00:00| seen|...

9.8CVSS7.3AI score0.03299EPSS
Exploits1References4
NVD
NVD
added 2023/03/22 1:15 p.m.21 views

CVE-2023-27638

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...

9.8CVSS9.7AI score0.03299EPSS
Exploits1References3
Vulnrichment
Vulnrichment
added 2023/03/22 12:0 a.m.8 views

CVE-2023-27638

An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...

9.8AI score0.03299EPSS
Exploits1References3
CVE
CVE
added 2023/03/22 12:0 a.m.81 views

CVE-2023-27638

CVE-2023-27638 concerns the PrestaShop module tshirtecommerce (Custom Product Designer) v2.1.4. The issue arises from an unauthenticated SQL injection via the parameter tshirtecommerce_design_cart_id , caused by an insecure handling of this input in the functions hookActionCartSave and updateCust...

9.8CVSS9.6AI score0.03299EPSS
Exploits1References3Affected Software1
Rows per page
Query Builder