Awesome
CVE-2022-31101
Exploit for PrestaShop bockwishlist module 2.1.0 SQLi (CVE-2022-31101)
Usage
python3 cve-2022-31101.py
- Give the url to the wishlist when prompted. Example of a url:
http://example.com/module/blockwishlist/view?id_wishlist=1
- Give the cookies for your account when prompted.
- Now it will start attacking the website.
In action
Note
This exploit assumes the prefix for the table names in the database to be ps_
. It is the default prefix given by PrestaShop.