CyberSec.Space Logo
返回 CVE 浏览器

CVE-2023-36263

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0550%
EPSS Percentile22.60th
Published2023年10月31日
Last Modified2026年6月12日

Vulnerability Description

Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.

Affected Platforms (CPE)

No CPE configurations currently published for this record.

References & Advisories

🔗 https://security.friendsofpresta.org/modules/2023/10/25/opartlimitquantity.html
🔗 https://security.friendsofpresta.org/modules/2023/10/25/opartlimitquantity.html

相关漏洞威胁

CVE-2023-30459.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tise Technology Parking Web ...

CVE-2023-15479.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Elra Parkmatik allows SQL In...

CVE-2023-28529.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Softmed SelfPatron allows SQ...

CVE-2023-29579.8

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Lisa Software Florist Site a...