Vulnerability Details CVE-2023-28839
Shoppingfeed PrestaShop is an add-on to the PrestaShop ecommerce platform to synchronize data. The module Shoppingfeed for PrestaShop is vulnerable to SQL injection between version 1.4.0 and 1.8.2 due to a lack of input sanitization. This issue has been addressed in version 1.8.3. Users are advised to upgrade. There are no known workarounds for this issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 35.6%
CVSS Severity
CVSS v3 Score 9.4
References
Products affected by CVE-2023-28839
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.0
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.1
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.2
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.3
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.4
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.5
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.6
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.7
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.4.8
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.0
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.1
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.11
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.12
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.13
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.14
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.2
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.3
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.4
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.5
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.6
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.7
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.5.8
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.6.0
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.6.1
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.6.2
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.6.3
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.7.0
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.7.1
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.8.0
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.8.1
-
cpe:2.3:a:shoppingfeed:shoppingfeed:1.8.2