CVE-2023-33280 Information

Description

In the Store Commander scquickaccounting module for PrestaShop through 3.7.3 multiple sensitive SQL calls can be executed with a trivial HTTP request and exploited to forge a blind SQL injection.

Reference

https://friends-of-presta.github.io/security-advisories/modules/2023/05/25/scquickaccounting.html https://www.storecommander.com/en/addons/440-order-export-pro.html