Headline

CVE-2023-27638: PrestaShop Custom Product Designer

An issue was discovered in the tshirtecommerce (aka Custom Product Designer) component 2.1.4 for PrestaShop. An HTTP request can be forged with a compromised tshirtecommerce_design_cart_id GET parameter in order to exploit an insecure parameter in the functions hookActionCartSave and updateCustomizationTable, which could lead to a SQL injection. This is exploited in the wild in March 2023.

1 year ago

CVE

Open in Source

#sql #web #ios #android #js #git #java #wordpress #php #auth #chrome #firefox

Forums
Start Selling
Menu Our Products
- Digital assets subscription
- Tutorials & courses
- Create designs, videos & mockups
- Join the Envato community
- Learn from others in the forums
Cart 0
Sign In
All Items
- Popular Files
- Featured Files
- Top New Files
- Follow Feed
- Top Authors
- Top New Authors
- Public Collections
- View All Categories
PHP Scripts
- Popular Items
- Add-ons
- Calendars
- Countdowns
- Database Abstractions
- Forms
- Help and Support Tools
- Images and Media
- Loaders and Uploaders
- Navigation
- News Tickers
- Polls
- Project Management Tools
- Ratings and Charts
- Search
- Shopping Carts
- Social Networking
- Miscellaneous
WordPress
- Popular Items
- Add-ons
- Advertising
- Calendars
- eCommerce
- Elementor
- Forms
- Forums
- Galleries
- Interface Elements
- Media
- Membership
- Newsletters
- SEO
- Social Networking
- Utilities
- Widgets
- Miscellaneous
- WordPress Themes on ThemeForest
eCommerce
- Easy Digital Downloads
- Jigoshop
- Magento Extensions
- OpenCart
- osCommerce
- Prestashop
- UberCart
- VirtueMart
- WooCommerce
- WP e-Commerce
- WP Standalone
- Zen Cart
- Miscellaneous
JavaScript
- Popular Items
- Animated SVGs
- Calendars
- Countdowns
- Database Abstractions
- Forms
- Images and Media
- Loaders and Uploaders
- Media
- Navigation
- News Tickers
- Project Management Tools
- Ratings and Charts
- Shopping Carts
- Sliders
- Social Networks
- Miscellaneous
CSS
- Popular Items
- Animations and Effects
- Buttons
- Charts and Graphs
- Forms
- Layouts
- Navigation and Menus
- Pricing Tables
- Tabs and Sliders
- Miscellaneous
Mobile
- Popular Items
- Android
- Flutter
- iOS
- Native Web
- Titanium
HTML5
- Popular Items
- 3D
- Ad Templates
- Canvas
- Charts and Graphs
- Forms
- Games
- Libraries
- Media
- Presentations
- Sliders
- Storage
- Templates
- Miscellaneous
Skins
- Popular Items
- Bootstrap
- Miscellaneous
WP Themes
Plugins
- Popular Items
- Concrete5
- Drupal
- ExpressionEngine
- Joomla
- Magento Extensions
- Muse Widgets
- OpenCart
- osCommerce
- Prestashop
- Ubercart
- VirtueMart
- Zen Cart
- Miscellaneous
Mockup Generator
More
- .NET
- Apps
- Facebook

Regular License

Regular License Selected

$50

Use, by you or one client, in a single end product which end users are not charged for. The total price includes the item price and a buyer fee.

Extended License Selected

$300

Use, by you or one client, in a single end product which end users can be charged for. The total price includes the item price and a buyer fee.

$50

Included: Quality checked by Envato
Included: Future updates
Not included: dangcv does not support this item
What is support?

Price is in US dollars and excludes tax

Elite Author

Last Update

24 July 2019

Published

22 December 2016

High Resolution

Compatible Browsers

IE11, Firefox, Safari, Opera, Chrome, Edge

Files Included

JavaScript JS, HTML, CSS, PHP

Software Version

PrestaShop 1.7.6.x, PrestaShop 1.7.5.x, PrestaShop 1.7.4.x, PrestaShop 1.7.3.x, PrestaShop 1.7.2.x, PrestaShop 1.7.1.x, PrestaShop 1.7.0.x, PrestaShop 1.6.1.x, PrestaShop 1.6.1, PrestaShop 1.6.0.x, PrestaShop 1.5.6, PrestaShop 1.5.5, PrestaShop 1.5.4, PrestaShop 1.5.3, PrestaShop 1.5.2, PrestaShop 1.5.1, PrestaShop 1.5.0, PrestaShop 1.5.x

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda

11 months ago

11 months ago

11 months ago

11 months ago

11 months ago