CVE-2023-30198
Published 2023-06-12

Prestashop winbizpayment <= 1.0.2 is vulnerable to Incorrect Access Control via modules/winbizpayment/downloads/download.php.

Priority: P3 (57), high
CVSS 3.1: 7.5 (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N)
Exploit: public PoC available
EPSS: 5.52% (91.8th percentile)
Affected (1 range)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| webbax | winbizpayment | <= 1.0.2 | — |
Detection & IOCs
- Monitor POST requests to /modules/winbizpayment/downloads/download.php, which is the vulnerable endpoint exploited for path traversal / improper access control.
- Detect POST requests to the winbizpayment download endpoint containing an 'id_order' parameter, which is the mechanism used to trigger unauthorized file downloads.
- Flag unauthenticated or session-less POST requests to /modules/winbizpayment/downloads/download.php; the vulnerability is an Incorrect Access Control flaw allowing unauthorized access without proper authentication checks.
- The exploit targets winbizpayment module version 1.0.2 and below; versions above 1.0.2 may not be affected. Verify the installed module version before applying detections.
- The exploit PoC uses a CSRF token field in the POST body, but the vulnerability is an access control bypass: the CSRF token is not validated server-side, so detections should not rely on its presence or absence.
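The three detection bullets above describe one rule: a POST to the download endpoint is suspicious, more so when it carries `id_order`, and most so when no storefront session accompanies it. The following is an added example (not code from this advisory, from PrestaShop or from the module author) that applies that logic to constructed JSON-lines request records such as a reverse proxy or WAF might emit. The record field names (`method`, `uri`, `cookies`, `body_params`) and the assumption that a PrestaShop front-office session cookie is named `PrestaShop-<hash>` are this example's own assumptions; adjust both to your log source.

```python
import json
from urllib.parse import urlparse

# Vulnerable endpoint named in the advisory (path only, compared case-insensitively).
VULNERABLE_PATH = "/modules/winbizpayment/downloads/download.php"

# Assumption: a PrestaShop storefront session cookie is named "PrestaShop-<hash>".
SESSION_COOKIE_PREFIX = "prestashop-"

# Constructed sample records (JSON lines); not real traffic.
SAMPLE_LOG = """
{"method": "POST", "uri": "/modules/winbizpayment/downloads/download.php", "cookies": "", "body_params": ["id_order", "token"]}
{"method": "POST", "uri": "/modules/winbizpayment/downloads/download.php", "cookies": "PrestaShop-1a2b3c=abc", "body_params": ["id_order"]}
{"method": "POST", "uri": "/Modules/WinbizPayment/downloads/download.php?x=1", "cookies": "", "body_params": []}
{"method": "GET", "uri": "/modules/winbizpayment/downloads/download.php", "cookies": "", "body_params": []}
{"method": "POST", "uri": "/index.php?controller=order", "cookies": "PrestaShop-1a2b3c=abc", "body_params": ["id_order"]}
"""


def has_session_cookie(cookie_header: str) -> bool:
    """True if any cookie name in the header starts with the assumed session prefix."""
    for part in cookie_header.split(";"):
        name = part.strip().split("=", 1)[0].lower()
        if name.startswith(SESSION_COOKIE_PREFIX):
            return True
    return False


def classify(record: dict):
    """Return (severity, reason) for one request record, or None if it is not of interest.

    Severity ladder, following the advisory's detection notes:
      high   - POST to the endpoint with id_order and no storefront session
      medium - POST to the endpoint with id_order but a session present
      low    - any other POST to the endpoint (worth logging, not alerting)
    The CSRF 'token' field is deliberately ignored: it is not validated server-side.
    """
    path = urlparse(record.get("uri", "")).path.lower()
    if path != VULNERABLE_PATH or record.get("method", "").upper() != "POST":
        return None
    params = {p.lower() for p in record.get("body_params", [])}
    if "id_order" in params:
        if not has_session_cookie(record.get("cookies", "")):
            return ("high", "session-less POST with id_order to winbizpayment download endpoint")
        return ("medium", "POST with id_order to winbizpayment download endpoint")
    return ("low", "POST to winbizpayment download endpoint without id_order")


def scan(log_text: str) -> list:
    """Parse JSON-lines records and return [(line_no, severity, reason), ...] for hits."""
    findings = []
    for line_no, line in enumerate(log_text.strip().splitlines(), start=1):
        line = line.strip()
        if not line:
            continue
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # malformed line: skip rather than crash the whole scan
        result = classify(record)
        if result is not None:
            findings.append((line_no, result[0], result[1]))
    return findings


if __name__ == "__main__":
    for line_no, severity, reason in scan(SAMPLE_LOG):
        print(f"line {line_no}: {severity.upper()} - {reason}")
```

The path comparison is case-insensitive and ignores the query string because the PHP file is served regardless of URL case on case-insensitive filesystems and of any trailing parameters. On the sample, line 1 is rated high, line 2 medium, line 3 low, and the GET and the unrelated POST produce no finding.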
No detection rules found.
No writeups or analysis indexed.
References
- http://packetstormsecurity.com/files/173136/PrestaShop-Winbiz-Payment-Improper-Limitation.html
- https://friends-of-presta.github.io/security-advisories/modules/2023/06/08/winbizpayment.html
- https://github.com/PrestaShop/PrestaShop/blob/6c05518b807d014ee8edb811041e3de232520c28/classes/Tools.php#L1247
- https://packetstorm.news/files/id/173136