Lucene search
Veracode Vulnerability DatabaseVERACODE:40526HistoryMay 15, 2023 - 7:29 a.m.
SQL Injection
2023-05-1507:29:38
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
10
sql injection
prestashop
vulnerability
db.php
software
0.002 Low
EPSS
Percentile
58.6%
prestashop/prestashop is vulnerable to SQL injection. The vulnerability is due to improper sql sanitization in Db.php which allows an attacker to inject and execute malicious SQL queries.
References
github.com/advisories/GHSA-p379-cxqh-q822
github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30
github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149
github.com/PrestaShop/PrestaShop/releases/tag/1.7.8.9
github.com/PrestaShop/PrestaShop/releases/tag/8.0.4
Related
nvd
nvd
CVE-2023-30839
2023-04-25 19:15:11
osv
osv
BIT-prestashop-2023-30839
2024-03-06 11:04:31
SQL filter bypass leading to arbitrary write requests using "SQL Manager"
2023-04-25 19:45:58
CVE-2023-30839
2023-04-25 19:15:11
cve
cve
CVE-2023-30839
2023-04-25 19:15:11
githubexploit
githubexploit
Exploit for SQL Injection in Prestashop
2023-04-27 11:49:13
cvelist
cvelist
prion
prion
Spoofing
2023-04-25 19:15:00
github
github
SQL filter bypass leading to arbitrary write requests using "SQL Manager"
2023-04-25 19:45:58