CVE-2023-27032 Scanner

CVE-2023-27032 Scanner - SQL Injection vulnerability in PrestaShop AdvancedPopupCreator

Short Info

Level: Critical
Single Scan: Single Scan
Can be used by: Asset Owner
Estimated Time: 1 minute
Time Interval: 22 days 3 hours
Scan only one: Domain, IPv4
Toolbox: -

The PrestaShop AdvancedPopupCreator is a module used in PrestaShop, allowing enhanced popup functionalities for online stores. Typically employed by e-commerce businesses, its purpose includes creating engaging popups for promotions, product announcements, and newsletter sign-ups. The module is developed by Idnovate and integrates smoothly into the PrestaShop platform. It is designed to capture user attention and increase conversions through customized popup windows. Vendors utilize this tool to maximize user interaction at various points of their online purchasing journey. It is particularly popular among PrestaShop users due to its dynamic and versatile popup options.

The vulnerability addressed in this scanner is a critical SQL Injection within the PrestaShop AdvancedPopupCreator module. This flaw allows unauthorized guests to inject SQL commands into the database, potentially compromising data integrity and confidentiality. Such vulnerabilities arise when user input is not properly sanitized before being included in SQL queries. The impact is high because SQL Injection can lead to unauthorized data access, data loss, or corruption. Injected SQL commands can manipulate the underlying database in ways the application's designers did not intend. The flaw therefore poses significant risks to both data integrity and system availability.

Technically, the vulnerability is triggered through the module’s HTTP request handling, specifically the POST method used for popup configuration. The vulnerable parameter is 'availablePopups', where a SQL injection payload such as 'if(now()=sysdate()%2Csleep(6)%2C0)' can be supplied. The endpoint that processes this input fails to verify and sanitize it, making it susceptible to time-based SQL injection. The check for successful exploitation confirms that certain outputs, such as 'popups' and 'hasError', appear within the response body. These details show how SQL can be embedded in an HTTP request parameter to exploit the module.
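A defensive check for the parameter described above, written as an added example (not the module's or the scanner's own code): it decodes a form-encoded POST body, accepts 'availablePopups' only when it matches an allow-list pattern, and labels rejected values that carry time-based SQL injection markers. The assumption that a legitimate value is a comma-separated list of numeric IDs, and the names ID_LIST, SUSPICIOUS, classify and inspect_body, are hypothetical.

```python
import re
from urllib.parse import parse_qs

# Assumption: a legitimate availablePopups value is a comma-separated list of
# numeric popup IDs. Adjust the allow-list if your storefront sends another shape.
ID_LIST = re.compile(r"\d+(?:,\d+)*")

# Markers of time-based / conditional SQL injection, checked only to label
# rejected values for triage; the allow-list above is what blocks the request.
SUSPICIOUS = {
    "sleep()": re.compile(r"sleep\s*\(", re.I),
    "benchmark()": re.compile(r"benchmark\s*\(", re.I),
    "conditional if()": re.compile(r"\bif\s*\(", re.I),
    "sql keyword": re.compile(r"\b(?:select|union|from|where)\b", re.I),
    "comment or terminator": re.compile(r"--|/\*|;|#"),
}

def classify(value: str):
    """Return (verdict, hits) for one decoded availablePopups value."""
    if ID_LIST.fullmatch(value):
        return "ok", []
    hits = [name for name, rx in SUSPICIOUS.items() if rx.search(value)]
    return ("sqli" if hits else "reject"), hits

def inspect_body(body: str):
    """Parse a form-encoded POST body and classify every availablePopups value."""
    params = parse_qs(body, keep_blank_values=True)  # also decodes %2C to ','
    return [(v, *classify(v)) for v in params.get("availablePopups", [])]

# Constructed sample bodies; the second carries the payload quoted on this page.
SAMPLES = [
    "availablePopups=1%2C2%2C3",
    "availablePopups=if(now()=sysdate()%2Csleep(6)%2C0)",
    "availablePopups=abc",
]

if __name__ == "__main__":
    for body in SAMPLES:
        for value, verdict, hits in inspect_body(body):
            print(f"{verdict:6} {value!r} {hits}")
```

Anything other than "ok" should be rejected before it reaches a query; the "sqli" label only helps prioritise alerts.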

Exploiting this SQL injection vulnerability can cause several adverse effects. Successful exploitation could allow an attacker to read or modify sensitive data stored in the application's database. It could also disclose information about the database schema and the application logic. In some instances, attackers might be able to elevate their privileges, obtaining unauthorized access to user accounts or system controls. Additionally, SQL Injection can result in data loss, data corruption, or an unusable application, affecting the availability of the service. Such exploitation could also lead to further attacks on the host system or network.
