diff --git a/http/cves/2023/CVE-2023-39677.yaml b/http/cves/2023/CVE-2023-39677.yaml
new file mode 100644
index 0000000000..d92f5e9e04
--- /dev/null
+++ b/http/cves/2023/CVE-2023-39677.yaml
@@ -0,0 +1,42 @@
+id: CVE-2023-39677
+
+info:
+  name: PrestaShop MyPrestaModules - PhpInfo Disclosure
+  author: meme-lord
+  severity: low
+  description: |
+    PrestaShop modules by MyPrestaModules expose PHPInfo
+  reference:
+    - https://blog.sorcery.ie/posts/myprestamodules_phpinfo/
+    - https://cve.report/CVE-2023-39677
+  metadata:
+    max-request: 1
+    verified: true
+    shodan-query: http.component:"PrestaShop"
+  tags: cve,cve2023,prestashop,phpinfo,disclosure
+
+http:
+  - method: GET
+    path:
+      - "{{BaseURL}}/modules/simpleimportproduct/send.php?phpinfo=1"
+      - "{{BaseURL}}/modules/updateproducts/send.php?phpinfo=1"
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - "PHP Extension"
+          - "PHP Version"
+        condition: and
+
+      - type: status
+        status:
+          - 200
+
+    extractors:
+      - type: regex
+        part: body
+        group: 1
+        regex:
+          - '>PHP Version <\/td><td class="v">([0-9.]+)'