CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Stripe: >> Stripe Payment Pro Security Vulnerabilities

CVE-2023-23315

The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method `stripejsValidationModuleFrontController::initContent()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.

CVSS Score

9.8

EPSS Score

0.001

Published

2023-03-01

Page 1

Vulnerabilities

Vulnerable Software

Stripe: >> Stripe Payment Pro Security Vulnerabilities

Products

Pricing

Contact Us