5 matches found
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
Sql injection
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
PT-2023-29534 · Prestashop · Chronopost Official
Name of the Vulnerable Software and Affected Versions: PrestaShop module "Chronopost Official" chronopost affected versions not specified Description: The issue allows a guest to perform SQL injection in the "Chronopost Official" module for PrestaShop. The PHP script cancelSkybill.php contains...
CVE-2023-45377
The CVE-2023-45377 issue affects the PrestaShop Chronopost Official module (chronopost). The vulnerability allows a guest to perform SQL injection via the PHP script cancelSkybill.php, which contains sensitive SQL calls that can be triggered with a simple HTTP request. The described impact is hig...