CVE-2023-27843

CVSS V2 None CVSS V3 None

Description

SQL injection vulnerability found in PrestaShop askforaquote v.5.4.2 and before allow a remote attacker to gain privileges via the QuotesProduct::deleteProduct component.

Overview

CVE ID
CVE-2023-27843

Assigner
cve@mitre.org

Vulnerability Status
Received

Published Version
2023-04-26T00:15:09

Last Modified Date
2023-04-26T00:15:09

References

Reference URL	Reference Tags
https://addons.prestashop.com/en/quotes/3725-ask-for-a-quote-convert-to-order-messaging-system.html
https://friends-of-presta.github.io/security-advisories/modules/2023/04/25/askforaquote.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-27843
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-27843

History

Created	Old Value	New Value	Data Type	Notes
2023-04-26 01:01:13				Added to TrackCVE