3 matches found
CVE-2023-46349
creationtimestamp| type| source ---|---|--- 2023-12-17 10:42:25+00:00| seen| https://t.me/ctinow/155566...
CVE-2023-46349
In the module "Product Catalog CSV, Excel Export/Update" updateproducts 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection. The method productsUpdateModel::getExportIds has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL...
CVE-2023-46349
CVE-2023-46349 affects the PrestaShop module “Product Catalog (CSV, Excel) Export/Update” versions prior to 3.8.5. The vulnerability stems from the getExportIds() function that makes sensitive SQL calls, which can be triggered by a trivial HTTP request to forge a SQL injection. This creates a pot...