Vulnerability Description
SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows remote attackers to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Planned Popup Project | Planned Popup | < 1.4.12 |
Related Weaknesses (CWE)
References
- https://security.friendsofpresta.org/modules/2023/09/19/opartplannedpopup.htmlExploitPatchThird Party Advisory
- https://security.friendsofpresta.org/modules/2023/09/19/opartplannedpopup.htmlExploitPatchThird Party Advisory
FAQ
What is CVE-2023-34577?
CVE-2023-34577 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection vulnerability in Prestashop opartplannedpopup 1.4.11 and earlier allows remote attackers to run arbitrary SQL commands via OpartPlannedPopupModuleFrontController::prepareHook() method.
How severe is CVE-2023-34577?
CVE-2023-34577 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-34577?
Check the references section above for vendor advisories and patch information. Affected products include: Planned Popup Project Planned Popup.