Published: 25/04/2023 Updated: 04/05/2023

CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8

VMScore: 0

PrestaShop is an Open Source e-commerce web application. Versions before 8.0.4 and 1.7.8.9 contain a SQL filtering vulnerability. A BO user can write, update, and delete in the database, even without having specific rights. PrestaShop 8.0.4 and 1.7.8.9 contain a patch for this issue. There are no known workarounds.

Vulnerable Product	Search on Vulmon	Subscribe to Product
prestashop prestashop

PrestaShop <1.7.8.9 Fix for CVE-2023-30839 and CVE-2023-30545

LabelGrup Networks, official PrestaShop Partner Module for PrestaShop <1789 to fix CVE-2023-30545, CVE-2023-30839 and CVE-2023-30839 vulnerabilities For further information, check the following links: CVE: nvdnistgov/vuln/detail/CVE-2023-30545 CVE: nvdnistgov/vuln/detail/CVE-2023-30838 CVE: nvdnistgov/vuln/detail/CVE-2023-30839 G

PrestaShop <1.7.8.9 Fix for CVE-2023-30839 and CVE-2023-30545

LabelGrup Networks, official PrestaShop Partner Module for PrestaShop <1789 to fix CVE-2023-30545, CVE-2023-30839 and CVE-2023-30839 vulnerabilities For further information, check the following links: CVE: nvdnistgov/vuln/detail/CVE-2023-30545 CVE: nvdnistgov/vuln/detail/CVE-2023-30838 CVE: nvdnistgov/vuln/detail/CVE-2023-30839 G

CWE-89 https://github.com/PrestaShop/PrestaShop/security/advisories/GHSA-p379-cxqh-q822 https://github.com/PrestaShop/PrestaShop/commit/d1d27dc371599713c912b71bc2a455cacd7f2149 https://github.com/PrestaShop/PrestaShop/commit/0f2a9b7fdd42d1dd3b21d4fad586a849642f3c30 https://nvd.nist.gov https://github.com/drkbcn/lblfixer_cve_2023_30839

CVE-2023-30839

Vulnerability Summary

Vulnerability Trend

Github Repositories

References

Vulmon Search

About

Products

Connect