Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
CPE | Name | Operator | Version |
---|---|---|---|
theme_volty_cms_testimonial | le | 4.0.1 |