PT-2023-9164 · Prestashop · Prestashop Buy Addons Baproductzoommagnifier Module

Published: 2023-09-30 · Updated: 2024-01-11 · CVE-2023-50027

CVSS v2.0: 10 (Critical)

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: PrestaShop Buy Addons baproductzoommagnifier module versions 1.0.16 and before

Description: The BaproductzoommagnifierZoomModuleFrontController::run() method of the Best Zoom Magnifier Effect - BAZoom Magnifier module for the open-source e-commerce platform PrestaShop lacks protection against SQL injection. This can allow a remote attacker to escalate privileges and gain access to read, modify, or delete data.

Recommendations: For PrestaShop Buy Addons baproductzoommagnifier module versions 1.0.16 and before, consider disabling the BaproductzoommagnifierZoomModuleFrontController::run() method until a patch is available, to prevent potential SQL injection attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Exploit

SQL injection

Weakness Enumeration

Related Identifiers

BDU:2024-04302
CVE-2023-50027

Affected Products

Prestashop
Prestashop Buy Addons Baproductzoommagnifier Module