2 matches found
CVE-2023-45377
In the module "Chronopost Official" chronopost for PrestaShop, a guest can perform SQL injection. The script PHP cancelSkybill.php own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45377
The CVE-2023-45377 issue affects the PrestaShop Chronopost Official module (chronopost). The vulnerability allows a guest to perform SQL injection via the PHP script cancelSkybill.php, which contains sensitive SQL calls that can be triggered with a simple HTTP request. The described impact is hig...