ГлавнаяУязвимости → CVE-2023-50027
9.8критическая

CVE-2023-50027

Описание

SQL Injection vulnerability in Buy Addons baproductzoommagnifier module for PrestaShop versions 1.0.16 and before, allows remote attackers to escalate privileges and gain sensitive information via BaproductzoommagnifierZoomModuleFrontController::run() method.

Затрагиваемое ПО
Buy-addons Bazoom magnifier
CVSS
Балл9.8 — критическая
ВекторCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Источники
https://security.friendsofpresta.org/modules/2023/12/19/baproductzoommagnifier.htmlhttps://security.friendsofpresta.org/modules/2023/12/19/baproductzoommagnifier.html