6 matches found
CVE-2023-45378
In the module "PrestaBlog" prestablog version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. The script ajax sliderpositions.php has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
EUVD-2023-49670
Malicious code in bioql PyPI...
CVE-2023-45378
In the module "PrestaBlog" prestablog version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. The script ajax sliderpositions.php has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
Sql injection
In the module "PrestaBlog" prestablog version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. The script ajax sliderpositions.php has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
CVE-2023-45378
CVE-2023-45378 affects the PrestaBlog module (PrestaShop) version 4.4.7 and earlier from HDclic. The vulnerability is an unauthenticated SQL injection in the script ajax slider_positions.php, allowing a guest to perform a SQL injection via a trivial HTTP request. Reported impact in the sources is...
CVE-2023-45378
In the module "PrestaBlog" prestablog version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. The script ajax sliderpositions.php has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...