SQL injection vulnerability in KnowBand Module One Page Checkout, Social Login & Mailchimp (supercheckout) v.8.0.3 and before allows a remote attacker to execute arbitrary code via a crafted request to the updateCheckoutBehaviour function in the supercheckout.php component.
References
| Link | Resource |
|---|---|
| https://security.friendsofpresta.org/modules/2023/10/05/supercheckout.html | Patch Third Party Advisory |
| https://security.friendsofpresta.org/modules/2023/10/05/supercheckout.html | Patch Third Party Advisory |
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 08:25
| Type | Values Removed | Values Added |
|---|---|---|
| References | () https://security.friendsofpresta.org/modules/2023/10/05/supercheckout.html - Patch, Third Party Advisory |
07 Oct 2023, 02:51
| Type | Values Removed | Values Added |
|---|---|---|
| CWE | CWE-89 | |
| References | (MISC) https://security.friendsofpresta.org/modules/2023/10/05/supercheckout.html - Patch, Third Party Advisory | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 9.8 |
| CPE | cpe:2.3:a:knowband:one_page_checkout\,_social_login_\&_mailchimp:*:*:*:*:*:prestashop:*:* | |
| First Time |
Knowband
Knowband one Page Checkout\, Social Login \& Mailchimp |
05 Oct 2023, 20:15
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2023-10-05 20:15
Updated : 2024-11-21 08:25
NVD link : CVE-2023-44024
Mitre link : CVE-2023-44024
CVE.ORG link : CVE-2023-44024
JSON object : View
Products Affected
knowband
- one_page_checkout\,_social_login_\&_mailchimp
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')