Description
Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.
Analysis and contextual insights are available on OpenCVE Cloud.
Remediation
No vendor fix or workaround currently provided.
Additional remediation guidance may be available on OpenCVE Cloud.
Tracking
Sign in to view the affected projects.
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-40234 | Prestashop opartlimitquantity 1.4.5 and before is vulnerable to SQL Injection. OpartlimitquantityAlertlimitModuleFrontController::displayAjaxPushAlertMessage()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. |
References
History
Fri, 12 Jun 2026 14:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Store-opart
Store-opart op\'art Limit Quantity |
|
| CPEs | cpe:2.3:a:store-opart:op\'art_limit_quantity:*:*:*:*:*:prestashop:*:* | |
| Vendors & Products |
Prestashop
Prestashop opartlimitquantity |
Store-opart
Store-opart op\'art Limit Quantity |
Status: PUBLISHED
Assigner: mitre
Published:
Updated: 2024-09-06T18:06:27.697Z
Reserved: 2023-06-21T00:00:00.000Z
Link: CVE-2023-36263
Updated: 2024-08-02T16:45:56.188Z
Status : Analyzed
Published: 2023-10-31T05:15:58.220
Modified: 2026-06-17T06:05:57.850
Link: CVE-2023-36263
No data.
OpenCVE Enrichment
No data.
Weaknesses
EUVD