4 matches found
CVE-2023-46351
In the module mib 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods mib::getManufacturersByCategory has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-46351
In the module mib 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods mib::getManufacturersByCategory has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-46351
In the module mib 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods mib::getManufacturersByCategory has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-46351
The CVE-2023-46351 issue affects the mib module for PrestaShop before version 1.6.1. A guest can perform SQL injection via the mib::getManufacturersByCategory() function, triggered by a trivial HTTP request. The underlying SQL calls are sensitive, allowing an attacker to forge a SQL injection wit...