3 matches found
PrestaShop SQL Injection (CVE-2021-3110)
An SQL injection vulnerability exists in PrestaShop. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2021-3110
creationtimestamp| type| source ---|---|--- 2021-01-20 16:27:05+00:00| seen| https://t.me/cibsecurity/22328 2023-04-27 09:58:59+00:00| confirmed| https://github.com/projectdiscovery/nuclei-templates/tree/main/http/cves/2021/CVE-2021-3110.yaml...
CVE-2021-3110
CVE-2021-3110 affects PrestaShop 1.7.7.0. The vulnerability is a time-based Boolean SQL injection in the store system via the parameter module=productcomments controller=CommentGrade id_products[] . The issue can allow an attacker to extract information, modify data, or perform unauthorized admin...