2 matches found
CVE-2023-23315
The PrestaShop e-commerce platform module stripejs contains a Blind SQL injection vulnerability up to version 4.5.5. The method stripejsValidationModuleFrontController::initContent has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-23315
The PrestaShop stripejs module up to version 4.5.5 contains a Blind SQL injection in stripejsValidationModuleFrontController::initContent(), exploitable via a simple HTTP request and capable of affecting confidentiality, integrity, and availability. Remediation guidance across connected sources i...