CVE-2023-30192
📋 TL;DR
PrestaShop possearchproducts module version 1.7 contains a SQL injection vulnerability in the PosSearch::find() function. This allows attackers to execute arbitrary SQL commands on the database, potentially compromising the entire PrestaShop installation. All PrestaShop installations using the vulnerable possearchproducts module are affected.
💻 Affected Systems
- PrestaShop possearchproducts module
📦 What is this software?
Possearchproducts by Prestashop
⚠️ Risk & Real-World Impact
Worst Case
Complete database compromise leading to data theft, privilege escalation, remote code execution, and full system takeover.
Likely Case
Database information disclosure, including customer data, admin credentials, and sensitive business information.
If Mitigated
Limited data exposure if proper input validation and database permissions are configured.
🎯 Exploit Status
SQL injection vulnerabilities are commonly exploited and tools exist for automated exploitation.
🛠️ Fix & Mitigation
✅ Official Fix
Patch Version: Check with module developer for updated version
Vendor Advisory: https://friends-of-presta.github.io/security-advisories/modules/2023/05/11/possearchproducts.html
Restart Required: No
Instructions:
1. Remove the possearchproducts module from your PrestaShop installation.
2. Contact the module developer (posthemes) for a patched version.
3. Install the updated version if available.
🔧 Temporary Workarounds
Disable possearchproducts module
Temporarily disable the vulnerable module to prevent exploitation
Navigate to PrestaShop admin panel > Modules > Module Manager > Disable possearchproducts
Implement WAF rules
Add web application firewall rules to block SQL injection attempts
Add SQL injection detection rules to your WAF configuration
🧯 If You Can't Patch
- Implement strict input validation and parameterized queries in custom code
- Restrict database user permissions to minimum required access
🔍 How to Verify
Check if Vulnerable:
Check if possearchproducts module version 1.7 is installed in PrestaShop admin panel under Modules > Module Manager
Check Version:
Check module version in PrestaShop admin panel or examine /modules/possearchproducts/ directory
Verify Fix Applied:
Verify the module is either removed, disabled, or updated to a patched version
📡 Detection & Monitoring
Log Indicators:
- Unusual SQL queries in database logs
- Multiple failed search attempts with SQL syntax
- Unexpected database errors
Network Indicators:
- HTTP requests containing SQL keywords to search endpoints
- Unusual traffic patterns to search functionality
SIEM Query:
web_requests WHERE url CONTAINS 'search' AND (request_body CONTAINS 'UNION' OR request_body CONTAINS 'SELECT' OR request_body CONTAINS 'OR 1=1')
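The SIEM query above ported to runnable detection logic, as an added example that is not part of the advisory: it runs the literal keyword rule over constructed sample request lines (the "METHOD URL [BODY]" log format is an assumption) beside a refined rule that also decodes GET query strings and matches SQL-injection structure, so the false positive and the missed GET request of the bare-keyword rule are visible.

```python
import re
from urllib.parse import unquote_plus, urlsplit

# Constructed sample web-request log lines, format "METHOD URL [BODY]" (assumed, not real traffic).
SAMPLE_LOGS = [
    "GET /module/possearchproducts/search?q=blue+shirt",
    "POST /module/possearchproducts/search q=x%27+UNION+SELECT+1%2C2%2C3--",
    "POST /module/possearchproducts/search q=x%27%20OR%201%3D1--",
    "GET /index.php?controller=product&id_product=12",
    "POST /module/possearchproducts/search q=select+your+size",
    "GET /module/possearchproducts/search?q=x%27+UNION+ALL+SELECT+1--",
]

# Structural patterns instead of bare keywords: keyword adjacency, quote-breaking
# boolean clauses and trailing comment markers cut the false positives of a word match.
SQLI_PATTERNS = [
    re.compile(r"\bunion\b(\s+all)?\s+select\b", re.I),
    re.compile(r"'\s*or\s+\S+\s*=\s*\S+", re.I),
    re.compile(r"(--|#|/\*)\s*$"),
]

def parse_line(line):
    """Split 'METHOD URL [BODY]' into its parts; BODY is '' when absent."""
    parts = line.split(" ", 2)
    body = parts[2] if len(parts) > 2 else ""
    return parts[0], parts[1], body

def naive_match(url, body):
    """Literal port of the SIEM query: 'search' in the URL and a keyword in the body."""
    text = unquote_plus(body).upper()
    return "search" in url.lower() and any(k in text for k in ("UNION", "SELECT", "OR 1=1"))

def refined_match(url, body):
    """Decode both the URL query string and the body, then match SQLi structure."""
    if "search" not in url.lower():
        return False
    decoded = unquote_plus(urlsplit(url).query) + " " + unquote_plus(body)
    return any(p.search(decoded) for p in SQLI_PATTERNS)

def scan(lines, matcher):
    """Return the indexes of log lines the matcher flags."""
    return [i for i, line in enumerate(lines) if matcher(*parse_line(line)[1:])]

if __name__ == "__main__":
    print("naive  :", scan(SAMPLE_LOGS, naive_match))    # [1, 2, 4]: line 4 is a false positive
    print("refined:", scan(SAMPLE_LOGS, refined_match))  # [1, 2, 5]: line 5 is a GET the naive rule misses
```

Tune the pattern list to the search parameters your deployment actually exposes; the constructed lines only cover the keywords named in the query above.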