CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2021-3110

The store system in PrestaShop 1.7.7.0 allows time-based boolean SQL injection via the module=productcomments controller=CommentGrade id_products[] parameter.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.686

EPSS Ranking 98.5%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://medium.com/%40gondaliyajaimin797/cve-2021-3110-75a24943ca5e
https://www.exploit-db.com/exploits/49410
https://medium.com/%40gondaliyajaimin797/cve-2021-3110-75a24943ca5e
https://www.exploit-db.com/exploits/49410

Products affected by CVE-2021-3110

Prestashop » Prestashop » Version: 1.7.7.0

cpe:2.3:a:prestashop:prestashop:1.7.7.0

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2021-3110

Products

Pricing

Contact Us