Vulnerability Details CVE-2023-26860
SQL injection vulnerability found in PrestaShop Igbudget v.1.0.3 and before allow a remote attacker to gain privileges via the LgBudgetBudgetModuleFrontController::displayAjaxGenerateBudget component.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.002
EPSS Ranking 42.2%
CVSS Severity
CVSS v3 Score 8.8
References
- https://addons.prestashop.com/en/order-management/45282-save-your-carts-and-buy-later-or-send-it.html
- https://friends-of-presta.github.io/security-advisories/modules/2023/04/04/lgbudget.html
- https://addons.prestashop.com/en/order-management/45282-save-your-carts-and-buy-later-or-send-it.html
- https://friends-of-presta.github.io/security-advisories/modules/2023/04/04/lgbudget.html
Products affected by CVE-2023-26860
-
Save Your Carts And Buy Later Or Send It Project » Save Your Carts And Buy Later Or Send It » Version: N/Acpe:2.3:a:save_your_carts_and_buy_later_or_send_it_project:save_your_carts_and_buy_later_or_send_it:-
-
Save Your Carts And Buy Later Or Send It Project » Save Your Carts And Buy Later Or Send It » Version: 1.0.3cpe:2.3:a:save_your_carts_and_buy_later_or_send_it_project:save_your_carts_and_buy_later_or_send_it:1.0.3