CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-45381

In the module "Creative Popup" (creativepopup) up to version 1.6.9 from WebshopWorks for PrestaShop, a guest can perform SQL injection via `cp_download_popup().`

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 34.5%

CVSS Severity

CVSS v3 Score 9.8

References

https://addons.prestashop.com/fr/pop-up/39348-creative-popup.html
https://security.friendsofpresta.org/modules/2023/10/19/creativepopup.html
https://addons.prestashop.com/fr/pop-up/39348-creative-popup.html
https://security.friendsofpresta.org/modules/2023/10/19/creativepopup.html

Products affected by CVE-2023-45381

Webshopworks » Creativepopup » Version: N/A

cpe:2.3:a:webshopworks:creativepopup:-
Webshopworks » Creativepopup » Version: 1.6.9

cpe:2.3:a:webshopworks:creativepopup:1.6.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-45381

Products

Pricing

Contact Us