CVE-2023-34576

CRITICAL

9.8

CVSS Severity Score

EPSS Score0.0740%

EPSS Percentile42.59th

PublishedSep 21, 2023

Last ModifiedJun 12, 2026

Vulnerability Description

SQL injection vulnerability in updatepos.php in PrestaShop opartfaq through 1.0.3 allows remote attackers to run arbitrary SQL commands via unspedified vector.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://security.friendsofpresta.org/modules/2023/09/19/opartfaq.html

Related Vulnerabilities

CVE-2023-11149.8

Missing Authorization vulnerability in Eskom e-Belediye allows Information Elicitation. This issue affects e-Belediye: from 1.0.0...

CVE-2023-08399.8

Improper Protection for Outbound Error Messages and Alert Signals vulnerability in ProMIS Process Co. InSCADA allows Account Footp...

CVE-2023-09399.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in NTN Information Technologies...

CVE-2023-09799.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in MedData MedDataPACS allows S...