S4E

CVE-2023-30150 Scanner

Detects 'SQL Injection (SQLi)' vulnerability in PrestaShop leocustomajax affects v. 1.0 and 1.0.0.

Short Info


Level

Critical

Single Scan

Single Scan

Can be used by

Asset Owner

Estimated Time

10 seconds

Time Interval

1 month 2 days

Scan only one

Domain, IPv4

Toolbox

-

PrestaShop leocustomajax 1.0 and 1.0.0 is a module designed to add custom AJAX functionality to your PrestaShop eCommerce store. The module allows you to create custom AJAX scripts without having to write a single line of code. You can customize the content of your pages, add new elements, and much more.

The CVE-2023-30150 vulnerability detected in the PrestaShop leocustomajax module makes it vulnerable to SQL injection via modules/leocustomajax/leoajax.php. SQL injection is a type of web vulnerability that allows an attacker to inject malicious SQL statements into a vulnerable web application. This vulnerability can be exploited by malicious actors to gain access to sensitive data.

When exploited, the CVE-2023-30150 vulnerability in the PrestaShop leocustomajax module can lead to the theft of sensitive data such as user logins, passwords, and credit card information. Attackers can also manipulate data or take control of the website. This can cause reputational damage to the eCommerce store and its owners.

Thanks to the pro features of the s4e.io platform, those who read this article can easily and quickly learn about vulnerabilities in their digital assets. The platform provides a comprehensive cybersecurity solution for businesses of all sizes. With a wide range of features, such as vulnerability scanning, web application firewall, and malware detection, you can ensure the security of your online assets. Moreover, you can get real-time alerts and reports on potential security threats, which helps you to take prompt actions to protect your eCommerce store. Protect your eCommerce store with s4e.io today!

 

REFERENCES

Get started to protecting your Free Full Security Scan