S4E

CVE-2023-30192 Scanner - SQL Injection vulnerability in PrestaShop possearchproducts

Short Info

Level: Critical
Single Scan
Can be used by: Asset Owner
Estimated Time: 10 seconds
Time Interval: 11 days 3 hours
Scan only one: Domain, Subdomain, IPv4

PrestaShop is a popular open-source eCommerce solution designed for effortless online store management, widely used by retailers and developers looking for customizable options. The vulnerability is found in a module called "Search Products" (possearchproducts), which is utilized by merchants for better product search functionality. This module is integrated into PrestaShop environments to enhance user experience by facilitating product searches. Retailers using PrestaShop often install this extension to optimize search capabilities and provide a streamlined shopping experience for their customers. PrestaShop and its modules, like possearchproducts, are usually managed by web development teams or eCommerce professionals looking to scale their online storefronts. Globally, PrestaShop's flexible architecture is favored by small to medium-sized businesses aiming to maintain catalog control and improve checkout processes.

The detected vulnerability in PrestaShop's possearchproducts module is an SQL Injection, a critical threat that allows attackers to manipulate SQL queries by injecting malicious code. The vulnerability exists because user input is insufficiently validated, which allows unauthorized actions in the PrestaShop database. By exploiting this flaw, attackers can access and modify sensitive data, corrupt application functionality, and potentially take over the compromised system entirely. SQL Injection is particularly dangerous in eCommerce platforms like PrestaShop because it can lead to data breaches involving confidential customer information. Attackers often leverage this vulnerability to extract valuable information such as credentials and payment data from the database. This issue needs immediate attention to secure online storefronts and prevent unauthorized exploitation.

The vulnerability lies in how the module handles parameters when processing queries related to product searches. The vulnerable endpoint is 'SearchProducts.php', which does not properly sanitize input parameters such as 'id_category'. An attacker can inject SQL statements through these parameters to manipulate database operations. Attack scenarios include time-based SQL Injection, identified with a sleep delay function: a delayed response indicates that the attacker can control how the database responds. Validation checks on request inputs fail to distinguish genuine requests from malicious ones, allowing the execution of arbitrary SQL commands. Malicious actors can exploit these poorly guarded endpoints to execute commands and retrieve database contents.
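A defender-side check for the pattern described above, as an added example that is not from the original page or from the scanner: it scans web access logs for requests to 'SearchProducts.php' whose 'id_category' value is not a plain integer. The log lines, the /modules/possearchproducts/ path and the function name are constructed assumptions, and the non-integer values are placeholders.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined log format). The IPs are
# documentation ranges and the module path is an assumption.
SAMPLE_LOG = """\
198.51.100.7 - - [02/May/2023:10:01:11 +0000] "GET /modules/possearchproducts/SearchProducts.php?id_category=12 HTTP/1.1" 200 512
203.0.113.9 - - [02/May/2023:10:01:15 +0000] "GET /modules/possearchproducts/SearchProducts.php?id_category=5%20sleep%28N%29 HTTP/1.1" 200 0
203.0.113.9 - - [02/May/2023:10:01:19 +0000] "GET /modules/possearchproducts/SearchProducts.php?id_category=7%27 HTTP/1.1" 500 0
198.51.100.7 - - [02/May/2023:10:02:03 +0000] "GET /index.php?id_category=abc HTTP/1.1" 200 901
"""

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) HTTP/[\d.]+"')
INTEGER = re.compile(r"\d+")              # a category id should be digits only
DELAY = re.compile(r"sleep\s*\(", re.I)   # the sleep delay function the page mentions


def suspicious_requests(log_text):
    """Return (client_ip, decoded id_category, reason) for each request to the
    module endpoint whose id_category is not a plain integer."""
    findings = []
    for line in log_text.splitlines():
        match = REQUEST.match(line)
        if not match:
            continue  # not a request line we understand
        client_ip, target = match.groups()
        url = urlsplit(target)
        # Only the endpoint named on the page is in scope.
        if "possearchproducts" not in url.path or not url.path.endswith("SearchProducts.php"):
            continue
        # parse_qs percent-decodes values, so encoded input is compared in clear.
        for value in parse_qs(url.query, keep_blank_values=True).get("id_category", []):
            if INTEGER.fullmatch(value):
                continue
            reason = "time-delay keyword" if DELAY.search(value) else "non-integer value"
            findings.append((client_ip, value, reason))
    return findings


if __name__ == "__main__":
    for finding in suspicious_requests(SAMPLE_LOG):
        print(finding)
```

The same digits-only rule is the check the endpoint should apply to 'id_category' before the value reaches a query.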

Exploiting this vulnerability can lead to severe consequences such as unauthorized database modifications, data theft, or full application compromise. Attackers could gain access to sensitive customer data, including personal and financial information. An attacker could also use the compromised system as a launchpad for further attacks. Additionally, there is a risk of service disruption, where SQL Injection is used to corrupt the database, causing operational problems and damaging the integrity of eCommerce transactions. Such a breach can damage the store's reputation and result in significant financial losses due to theft or operational downtime.
