Vulnerability Details CVE-2023-36263
Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 15.7%
CVSS Severity
CVSS v3 Score 9.8
References
Products affected by CVE-2023-36263
-
cpe:2.3:a:prestashop:opartlimitquantity:1.4.5