CVE-2023-26865
CVE-2023-26865 describes a SQL injection in PrestaShop bdroppy before or at v2.2.12, exploitable via the BdroppyCronModuleFrontController::importProducts component to gain remote privileges. Affected software is PrestaShop with the bdroppy module (versions ≤ 2.2.12). The root cause is improper ha...