In the module “Advanced Popup Creator” (advancedpopupcreator) from Idnovate for PrestaShop, a guest can perform SQL injection in affected versions.
View the template here CVE-2023-27032.yaml
References:
https://nvd.nist.gov/vuln/detail/CVE-2023-27032