What is CVE-2023-27847?

CVE-2023-27847 is a vulnerability in N/a. Published 2023-03-27.

Is CVE-2023-27847 known to be exploited?

2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in N/a

CVE-2023-27847

SQL injection vulnerability found in PrestaShop xipblog v.2.0.1 and before allow a remote attacker to gain privileges via the xipcategoryclass and xippostsclass components.

EPSS: 0.731 (98.8th percentile) — read the EPSS interpretation.

Affected products

N/a — versions n/a

Public proof-of-concept exploits

20142995/nuclei-templates
cyb3r-w0lf/nuclei-template-collection

References

github.com/xpert-idea/xipblog/
friends-of-presta.github.io/security-advisories/modules/2023/03/23/xipblog.html

Frequently asked questions

What is CVE-2023-27847?: CVE-2023-27847 is a vulnerability in N/a. Published 2023-03-27.
Is CVE-2023-27847 known to be exploited?: 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.