4 matches found
CVE-2023-27638
creationtimestamp| type| source ---|---|--- 2023-03-22 15:35:55+00:00| exploited| https://t.me/cibsecurity/60443 2025-05-29 13:34:47+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2023/CVE-2023-27638.yaml 2025-05-31 21:02:20+00:00| seen|...
CVE-2023-27638
An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...
CVE-2023-27638
An issue was discovered in the tshirtecommerce aka Custom Product Designer component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommercedesigncartid GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and...
CVE-2023-27638
CVE-2023-27638 concerns the PrestaShop module tshirtecommerce (Custom Product Designer) v2.1.4. The issue arises from an unauthenticated SQL injection via the parameter tshirtecommerce_design_cart_id , caused by an insecure handling of this input in the functions hookActionCartSave and updateCust...