CVE-2025-69633 – PrestaShop Advanced Popup Creator SQL Injection

CVE ID : CVE-2025-69633

Published : Feb. 13, 2026, 10:16 p.m. | 2 hours, 13 minutes ago

Description : A SQL Injection vulnerability in the Advanced Popup Creator (advancedpopupcreator) module for PrestaShop 1.1.26 through 1.2.6 (Fixed in version 1.2.7) allows remote unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The parameter is passed unsanitized to SQL queries in classes/AdvancedPopup.php (getPopups() and updateVisits() functions).

Severity: 0.0 | NA

Visit the link for more details, such as CVSS details, affected products, timeline, and more… 

نوشته های مشابه

CVE-2026-24853 – Caido has an insufficient patch for DNS rebind leading to RCE

CVE-2025-70956 – TON Virtual Machine (TVM) State Pollution Denial of Service

CVE-2025-70955 – TON Virtual Machine (TVM) Stack Overflow Denial of Service (DoS) Vulnerability

CVE-2025-70954 – TON Virtual Machine (TVM) Null Pointer Dereference Denial of Service