CVE-2023-39526 PoC — PrestaShop SQL注入漏洞

Source

https://github.com/dnkhack/fixcve2023_39526_2023_39527

Associated Vulnerability

Title:PrestaShop SQL注入漏洞 (CVE-2023-39526)
Description:PrestaShop是美国PrestaShop公司的一套开源的电子商务解决方案。该方案提供多种支付方式、短消息提醒和商品图片缩放等功能。 PrestaShop存在SQL注入漏洞，该漏洞源于允许攻击者通过SQL注入和后台任意文件写入执行远程代码。受影响的产品和版本：PrestaShop 1.7.8.10之前版本，8.0.5之前版本，8.1.1之前版本。

Description

Prestashop fix vulnerability CVE-2023-39526 & CVE-2023-39527

Readme

# fix 
# CVE 2023_39526 (GHSA-gf46-prm4-56pc)
https://github.com/advisories/GHSA-gf46-prm4-56pc
# CVE 2023_39527 (GHSA-xw2r-f8xv-c8xp)
https://github.com/advisories/GHSA-xw2r-f8xv-c8xp

Prestashop fix vulnerability CVE-2023-39526 &amp; CVE-2023-39527

File Snapshot


 [4.0K]  /data/pocs/23669e7936c2ce922fdde99c6505fc1b3759e50b
├── [ 400]  config.xml
├── [5.5K]  fixcve2023_39526_2023_39527.php
├── [1.2K]  index.php
├── [ 36K]  logo.png
└── [ 251]  README.md

0 directories, 5 files

Shenlong Bot has cached this for you

Remarks

1. It is advised to access via the original source first.

2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).

3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.

Goal Reached Thanks to every supporter — we hit 100%!