exploitDog

CVE-2023-30192

Опубликовано: 12 мая 2023

Источник: nvd

CVSS3: 9.8

EPSS Средний

Описание

Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().

Ссылки

https://friends-of-presta.github.io/security-advisories/modules/2023/05/11/possearchproducts.html
Exploit
Patch
Third Party Advisory
https://themeforest.net/user/posthemes/portfolio
Product
https://friends-of-presta.github.io/security-advisories/modules/2023/05/11/possearchproducts.html
Exploit
Patch
Third Party Advisory
https://themeforest.net/user/posthemes/portfolio
Product

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:prestashop:possearchproducts:1.7:*:*:*:*:prestashop:*:*

EPSS

Процентиль: 97%

0.4188

Средний

9.8 Critical

CVSS3

Дефекты

CWE-89

CWE-89

Связанные уязвимости

GHSA-wfr5-r44x-fgpg

CVSS3: 9.8

github

больше 2 лет назад

Prestashop possearchproducts 1.7 is vulnerable to SQL Injection via PosSearch::find().

EPSS

Процентиль: 97%

0.4188

Средний

9.8 Critical

CVSS3

Дефекты

CWE-89

CWE-89