Описание
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
Ссылки
- ExploitPatch
- ExploitPatch
- ExploitPatch
- Exploit
- ExploitPatch
- ExploitPatch
- ExploitPatch
- Exploit
Уязвимые конфигурации
Конфигурация 1Версия до 1.5.1 (включая)
Одно из
cpe:2.3:a:mpay24_project:mpay24:*:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.0:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.1:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.2:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.3:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.4:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.5:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.6:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.7:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.8:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.4.9:*:*:*:*:prestashop:*:*
cpe:2.3:a:mpay24_project:mpay24:1.5.0:*:*:*:*:prestashop:*:*
EPSS
Процентиль: 89%
0.0482
Низкий
7.5 High
CVSS2
Дефекты
CWE-89
Связанные уязвимости
github
больше 3 лет назад
SQL injection vulnerability in confirm.php in the mPAY24 payment module before 1.6 for PrestaShop allows remote attackers to execute arbitrary SQL commands via the TID parameter.
EPSS
Процентиль: 89%
0.0482
Низкий
7.5 High
CVSS2
Дефекты
CWE-89