CVE-2022-22897
Published: 2022-08-29
Priority: P1 · 84 · critical · 9.8 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Tags: ITW · EXPLOIT · VulnCheck KEV
Exploited in the wild
EPSS: 10.81% (95.3rd percentile)
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.
Affected
1 range
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apollotheme | ap_pagebuilder | <= 2.4.5 | — |
Detection & IOCs (extracted from sources)
- Monitor HTTP requests targeting AP PageBuilder component parameters 'product_all_one_img' and 'image_product' for SQL injection payloads; exploitation does not require authentication.
- Detection rule targets PrestaShop AP PageBuilder version =6 with HTTP 200 response status and body content matching the component; use version comparison logic to flag vulnerable instances.
- Note: the affected component version range spans AP PageBuilder through 2.4.4 (NVD), but the detection template also references version '=6', suggesting a possible version discrepancy or multiple release branches; validate the exact version string present on target installations.
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| vulncheck | — | 9.8 | CRITICAL | — |
GHSA
GHSA-9j8j-w6vx-vqfr · ghsa_unreviewed · 2022-08-29 · CVE-2022-22897 [CRITICAL] · CWE-89
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.
VulnCheck
apollotheme ap_pagebuilder Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
vulncheck · 2022 · CVSS 9.8 · CVE-2022-22897 [CRITICAL]
A SQL injection vulnerability in the product_all_one_img and image_product parameters of the ApolloTheme AP PageBuilder component through 2.4.4 for PrestaShop allows unauthenticated attackers to exfiltrate database data.
Affected: apollotheme ap_pagebuilder
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References:
- https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-08-06&host_type=src&vulnerability=cve-2022-22897
- https://dashboard.shadowserver.org/statistics/honeypot/vulnerability/map/?day=2024-08-07&host_type=src&vulnerabi
No detection rules found.
Nuclei
PrestaShop AP Pagebuilder <= 2.4.4 - SQL Injection
nuclei · CVSS 9.8 · CVE-2022-22897 [CRITICAL]
Matcher DSL fragments (as indexed):
- 'status_code_1 == 200 && compare_versions(version, "=6'
- 'status_code_1 == 200 && compare_versions(version, " 200 && len(body_4) \\s*\\s*"
# digest: 4a0a004730450221008387f66b593d385a2792d758e508709fbc20e673528c624368a90970768bd730022036dd7fecec603be01e7bb1e8645400dc4ffee129c36768b643a3d88e61263c1f:922c64590222798bb761d5b6d8e72950
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/168148/PrestaShop-Ap-Pagebuilder-2.4.4-SQL-Injection.html
- https://friends-of-presta.github.io/security-advisories/modules/2023/01/05/appagebuilder.html
Timeline
- 2022-08-29: Published
- Exploited in the wild