Lucene search

MitreVULNRICHMENT:CVE-2023-39642

HistorySep 14, 2023 - 12:00 a.m.

CVE-2023-39642

2023-09-1400:00:00

mitre

github.com

cartsguru

sql injection

vulnerability

catalogmodulefrontcontroller

AI Score

8.3

Confidence

High

SSVC

Exploitation

poc

Automatable

yes

Technical Impact

total

JSON

Carts Guru cartsguru up to v2.4.2 was discovered to contain a SQL injection vulnerability via the component CartsGuruCatalogModuleFrontController::display().

References

addons.prestashop.com/fr/remarketing-paniers-abandonnes/22077-carts-guru-marketing-automation-multicanal.html

security.friendsofpresta.org/modules/2023/08/29/cartsguru.html