CVE-2023-30151
published 2023-07-13CVE-2023-30151: A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version 3.1.10, allows remote attackers to execute arbitrary SQL…
PriorityP260critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
0.99%
58.2th percentile
A SQL injection vulnerability in the Boxtal (envoimoinscher) module for PrestaShop, after version 3.1.10, allows remote attackers to execute arbitrary SQL commands via the `key` GET parameter.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| boxtal | envoimoinscher | < 3.1.10 | 3.1.10 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
https://addons.prestashop.com/en/shipping-carriers/1755-boxtal-connect-turnkey-shipping-solution.htmlhttps://help.boxtal.com/hc/fr/articles/360001342977-J-ai-besoin-du-module-PrestaShop-ancienne-version-Boxtal-Envoimoinscher-pour-mon-sitehttps://security.friendsofpresta.org/module/2023/06/20/envoimoinscher.htmlhttps://addons.prestashop.com/en/shipping-carriers/1755-boxtal-connect-turnkey-shipping-solution.htmlhttps://help.boxtal.com/hc/fr/articles/360001342977-J-ai-besoin-du-module-PrestaShop-ancienne-version-Boxtal-Envoimoinscher-pour-mon-sitehttps://security.friendsofpresta.org/module/2023/06/20/envoimoinscher.html
2023-07-13
Published