Vulnerability Details CVE-2022-44727
The EU Cookie Law GDPR (Banner + Blocker) module before 2.1.3 for PrestaShop allows SQL Injection via a cookie ( lgcookieslaw or __lglaw ).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 52.0%
CVSS Severity
CVSS v3 Score 9.1
References
- https://addons.prestashop.com/en/legal/8734-eu-cookie-law-gdpr-banner-blocker.html
- https://securityandstuff.com/posts/cve-2022-44727/
- https://www.lineagrafica.es/modp/lgcookieslaw/en/readme_en.pdf
- https://addons.prestashop.com/en/legal/8734-eu-cookie-law-gdpr-banner-blocker.html
- https://securityandstuff.com/posts/cve-2022-44727/
- https://www.lineagrafica.es/modp/lgcookieslaw/en/readme_en.pdf
Products affected by CVE-2022-44727
-
cpe:2.3:a:lineagrafica:eu_cookie_law_gdpr:-