CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-27032

Prestashop advancedpopupcreator v1.1.21 to v1.1.24 was discovered to contain a SQL injection vulnerability via the component AdvancedPopup::getPopups().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.384

EPSS Ranking 97.1%

CVSS Severity

CVSS v3 Score 9.8

References

https://addons.prestashop.com/en/pop-up/23773-popup-on-entry-exit-popup-add-product-and-newsletter.html
https://friends-of-presta.github.io/security-advisories/modules/2023/04/11/advancedpopupcreator.html
https://addons.prestashop.com/en/pop-up/23773-popup-on-entry-exit-popup-add-product-and-newsletter.html
https://friends-of-presta.github.io/security-advisories/modules/2023/04/11/advancedpopupcreator.html

Products affected by CVE-2023-27032

None » None » Version:

_add_product)_and_newsletter:1.1.21
None » None » Version:

_add_product)_and_newsletter:1.1.24
None » None » Version:

_exit_popup
Idnovate » Popup Module (On Entering » Version: Any

cpe:2.3:a:idnovate:popup_module_(on_entering

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-27032

Products

Pricing

Contact Us