CVE-2025-69633: n/a
CVE-2025-69633 is a SQL Injection vulnerability in the Advanced Popup Creator module for PrestaShop versions 1.1.26 through 1.2.6. It allows remote, unauthenticated attackers to execute arbitrary SQL queries via the fromController parameter in the popup controller. The vulnerability arises because this parameter is passed unsanitized to SQL queries in the getPopups() and updateVisits() functions within classes/AdvancedPopup.php. Exploitation does not require authentication or user interaction. Although no known exploits are reported in the wild, the flaw can lead to data leakage, data manipulation, or complete database compromise.
AI Analysis
Technical Summary
CVE-2025-69633 is a critical SQL Injection vulnerability identified in the Advanced Popup Creator module for PrestaShop, affecting versions 1.1.26 through 1.2.6. The vulnerability stems from improper sanitization of the fromController parameter in the popup controller, which is directly incorporated into SQL queries within the getPopups() and updateVisits() functions in the AdvancedPopup.php file. This flaw allows remote attackers to inject arbitrary SQL commands without requiring authentication or user interaction, enabling them to manipulate or exfiltrate sensitive database information. The vulnerability impacts the confidentiality, integrity, and availability of the affected systems' databases. Although no public exploits have been reported yet, the nature of SQL Injection makes it a high-risk issue, especially for e-commerce platforms relying on PrestaShop and this module. The vulnerability was addressed in version 1.2.7 of the Advanced Popup Creator module, which includes proper input validation and query parameterization to prevent injection attacks. Organizations running vulnerable versions should prioritize patching and review their database access logs for suspicious activity. This vulnerability highlights the importance of secure coding practices, especially in modules handling user input for dynamic SQL queries.
Potential Impact
For European organizations, particularly those operating e-commerce platforms using PrestaShop with the Advanced Popup Creator module, this vulnerability poses a significant risk. Successful exploitation can lead to unauthorized data access, including customer personal and payment information, which can result in data breaches and regulatory non-compliance under GDPR. Attackers could also modify or delete critical data, disrupting business operations and damaging reputation. The ability to execute arbitrary SQL commands remotely without authentication increases the attack surface and lowers the barrier for exploitation. This could lead to financial losses, legal penalties, and erosion of customer trust. Given the widespread use of PrestaShop in Europe, especially in countries with large e-commerce markets, the potential impact is substantial. Additionally, compromised systems could be leveraged for further attacks within corporate networks or supply chains.
Mitigation Recommendations
1. Immediately upgrade the Advanced Popup Creator module to version 1.2.7 or later, where the vulnerability is fixed.
2. If upgrading is not immediately possible, implement web application firewall (WAF) rules to detect and block suspicious SQL injection attempts targeting the fromController parameter.
3. Conduct a thorough code review of custom and third-party modules to ensure all user inputs are properly sanitized and parameterized in SQL queries.
4. Enable and monitor detailed database and application logs to detect anomalous queries or access patterns indicative of exploitation attempts.
5. Restrict database user permissions to the minimum necessary to limit the impact of any successful injection.
6. Educate development teams on secure coding practices, emphasizing input validation and the use of prepared statements.
7. Perform regular vulnerability scans and penetration testing focusing on injection flaws in web applications.
8. Ensure timely application of security patches for all components of the e-commerce platform.
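As an added illustration (not the module's actual code, which this entry does not quote), here is the unsafe pattern the description names, the fromController request value concatenated straight into a query, next to a hardened version written against PrestaShop's legacy Tools/Db API. The table name, column names and query shapes are assumptions; only fromController, getPopups() and updateVisits() come from the entry.

```php
<?php
// Added illustration, not the Advanced Popup Creator module's own code.
// The unsafe pattern the advisory describes (fromController concatenated
// into SQL) next to an allow-listed, escaped version. Table and column
// names are assumptions; the function names come from the advisory.

class AdvancedPopupExample
{
    // Unsafe pattern (hypothetical): the raw request value is part of the query.
    public static function getPopupsUnsafe()
    {
        $from = Tools::getValue('fromController');
        $sql = 'SELECT * FROM `' . _DB_PREFIX_ . 'advancedpopup` '
             . "WHERE controller = '" . $from . "'"; // injection point
        return Db::getInstance()->executeS($sql);
    }

    // Controller names are plain identifiers; reject anything else before use.
    private static function controllerParam()
    {
        $from = (string) Tools::getValue('fromController', '');
        return preg_match('/^[A-Za-z0-9_-]{1,64}$/', $from) ? $from : null;
    }

    public static function getPopups()
    {
        $from = self::controllerParam();
        if ($from === null) {
            return [];
        }
        // pSQL() escapes the validated string; the allow-list is the primary control.
        $sql = 'SELECT * FROM `' . _DB_PREFIX_ . 'advancedpopup` '
             . "WHERE controller = '" . pSQL($from) . "'";
        return Db::getInstance()->executeS($sql);
    }

    public static function updateVisits($idPopup)
    {
        $from = self::controllerParam();
        if ($from === null) {
            return false;
        }
        // Integer cast for the id, escaped allow-listed string for the controller.
        $sql = 'UPDATE `' . _DB_PREFIX_ . 'advancedpopup` SET visits = visits + 1 '
             . 'WHERE id_advancedpopup = ' . (int) $idPopup
             . " AND controller = '" . pSQL($from) . "'";
        return Db::getInstance()->execute($sql);
    }
}
```

The allow-list is what closes the hole described in the entry: a value that is not a bare controller name never reaches the query, and the WAF rule in recommendation 2 can enforce the same shape at the edge.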
Affected Countries
Germany, France, United Kingdom, Italy, Spain, Netherlands, Poland
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2026-01-09T00:00:00.000Z
- Cvss Version: null
- State: PUBLISHED
Threat ID: 698f9fdcc9e1ff5ad86c3966
Added to database: 2/13/2026, 10:04:12 PM
Last enriched: 2/13/2026, 10:19:12 PM
Last updated: 2/14/2026, 12:13:31 AM