3 matches found
CVE-2023-30154
Multiple improper neutralization of SQL parameters in module AfterMail aftermailpresta for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via idcustomer, idconf, idproduct and token parameters in aftermailajax.php via the 'idproduct' parameter in hooks...
CVE-2023-30154
Multiple improper neutralization of SQL parameters in module AfterMail aftermailpresta for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via idcustomer, idconf, idproduct and token parameters in aftermailajax.php via the 'idproduct' parameter in hooks...
PT-2023-22562 · Unknown +1 · Prestashop +1
Name of the Vulnerable Software and Affected Versions: AfterMail aftermailpresta for PrestaShop versions prior to 2.2.1 Description: The issue is related to multiple improper neutralization of SQL parameters, allowing remote attackers to perform SQL injection attacks. This can be done via...