PrestaShop Opart Save Cart SQL Injection Vulnerability (CVE-2023-34575) Analysis

From the webpage screenshot, we can extract the following key information about the vulnerability: CVE ID: CVE-2023-34575 Published Date: 2023-09-19 Platform: PrestaShop Product: Opart Save Cart (opartsavecart) Impacted Release: <= 2.0.7 Product Author: Opart Weakness: CWE-89 (SQL Injection) Severity: Critical (9.8) Description In the "Opart Save Cart" module for PrestaShop, versions <= 2.0.7, sensitive SQL calls exist in the methods and . These can be triggered via simple HTTP requests and exploited for SQL injection attacks. The vulnerability leverages PrestaShop's front controller, allowing attackers to hide the module controller path during exploitation. As a result, traditional front-end logs will only show "POST /", failing to record the full attack path. Detection and confirmation of such attacks are only possible by activating or similar security modules. Possible Malicious Use Gain administrator privileges Delete PrestaShop-related data Copy/paste data from sensitive tables to the front-end to leak tokens and unlock admin AJAX scripts Overwrite SMTP settings to hijack email communications Patch from 2.0.7 Input parameters are now type-cast before SQL queries, e.g., using and to ensure parameter safety. Other Recommendations 1. Upgrade to the latest version of the module. 2. To improve PrestaShop installation security, strongly consider upgrading to the latest version, which disables the use of multi-query execution in PrestaShop installations (separated by semicolons). However, this does not protect your store from data theft attacks exploiting SQL injection UNION clauses. Additionally, PrestaShop’s built-in function includes , which helps protect against Stored XSS (also known as XSS T2) Category 1 attacks. If your project lacks the function, you may be vulnerable to Stored XSS due to edge cases. Therefore, it is crucial to ensure all relevant functions are properly implemented and consistently used in your project. 3. Change the default database prefix to a longer, more random prefix to deter hackers without advanced database management skills. Note, however, that due to design flaws, this may be ineffective under attacks targeting the database management system. 4. Enable the OWASP 942 rule on your WAF (Web Application Firewall), but be aware that this may break your back-office functionality. You should also pre-configure bypass rules for this rule set. Timeline

Goal Reached Thanks to every supporter — we hit 100%!

PrestaShop Opart Save Cart SQL Injection Vulnerability (CVE-2023-34575) Analysis