Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:34 p.m.4 views

CVE-2023-45377

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS7.8AI score0.00714EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-49669

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00714EPSS
Exploits0References2
NVD
NVD
added 2023/11/22 5:15 p.m.12 views

CVE-2023-45377

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS0.00714EPSS
Exploits0References2
OSV
OSV
added 2023/11/22 5:15 p.m.4 views

CVE-2023-45377

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

9.8CVSS5.8AI score
Exploits0References2
Prion
Prion
added 2023/11/22 5:15 p.m.11 views

Sql injection

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

7.5CVSS8AI score0.00714EPSS
Exploits0References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/11/22 12:0 a.m.2 views

CVE-2023-45377

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

9.9AI score0.00714EPSS
Exploits0References2
Cvelist
Cvelist
added 2023/11/22 12:0 a.m.11 views

CVE-2023-45377

In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...

10AI score0.00714EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/11/22 12:0 a.m.6 views

PrestaShop Chronopost Official Security Breach

PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution offers multiple payment methods, short message alerts, and product image zoom, among other features. A security vulnerability exists in PrestaShop Chronopost Official. An attacker can exploit...

9.8CVSS7.5AI score0.00714EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2023/11/22 12:0 a.m.3 views

PT-2023-29534 · Prestashop · Chronopost Official

Name of the Vulnerable Software and Affected Versions: PrestaShop module "Chronopost Official" chronopost affected versions not specified Description: The issue allows a guest to perform SQL injection in the "Chronopost Official" module for PrestaShop. The PHP script cancelSkybill.php contains...

9.8CVSS9.6AI score0.00714EPSS
Exploits0References4
CVE
CVE
added 2023/11/22 12:0 a.m.35 views

CVE-2023-45377

The CVE-2023-45377 issue affects the PrestaShop Chronopost Official module (chronopost). The vulnerability allows a guest to perform SQL injection via the PHP script cancelSkybill.php, which contains sensitive SQL calls that can be triggered with a simple HTTP request. The described impact is hig...

9.8CVSS9.7AI score0.00714EPSS
Exploits0References2Affected Software1
Openbugbounty
Openbugbounty
added 2017/08/17 2:48 a.m.16 views

chronopost.fr XSS vulnerability

Vulnerable URL: http://www.chronopost.fr/tracking-no-cms/suivi-page?listeNumerosLT=%22confirm%27openbugbounty%27%22=frFR Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 14310 VIP website status:| Yes Check...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/04/02 6:51 p.m.20 views

chronopost.fr XSS vulnerability

Vulnerable URL: http://www.chronopost.fr/fr/chronosuivisearch?listeNumerosLT=sdda〈=fr'-confirm'OPENBUGBOUNTY'-'=buildid=form-oPjTzq0dUqO4GOVKc6u3cdYOCExM-JPRuic1uO1yzcid=chronosuivicolisblockformKNOXSS Details: Description| Value ---|--- Patched:| Yes, at 28.07.2017 Latest check for patch:|...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2017/03/21 10:49 a.m.8 views

services.chronopost.pt XSS vulnerability

Vulnerable URL: https://services.chronopost.pt/followmyparcel/?parcel=asdasd%27;%20alert%27OPENBUGBOUNTY%27;%20x=%271 Details: Description| Value ---|--- Patched:| Yes, at 05.04.2017 Latest check for patch:| 05.04.2017 11:56 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed...

6.3AI score
Exploits0
Openbugbounty
Openbugbounty
added 2016/11/21 7:48 a.m.10 views

scplanning.chronopost.fr XSS vulnerability

Vulnerable URL: http://scplanning.chronopost.fr/supv/help/advanced/workingSet.jsp?operation=%22%22%22%22aaaa%3C/script%3E%3E%3Cimg%20src=x%20onerror=prompt/OPENBUGBOUNTY/%3E%3E= Details: Description| Value ---|--- Patched:| No Latest check for patch:| 07.09.2017 Vulnerability type:| XSS...

6.3AI score
Exploits0
Rows per page
Query Builder