3 matches found
CVE-2023-45378
In the module "PrestaBlog" prestablog version 4.4.7 and before from HDclic for PrestaShop, a guest can perform SQL injection. The script ajax sliderpositions.php has a sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection...
PrestaShop Security Breach
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom and other features. PrestaShop PrestaBlog 4.4.7 version before a security vulnerability , the vulnerability stem...
PT-2023-29535 · Prestashop +1 · Prestablog +1
Name of the Vulnerable Software and Affected Versions: PrestaBlog versions 4.4.7 and earlier Description: The issue allows a guest to perform SQL injection in the PrestaBlog module for PrestaShop. Specifically, the script ajax slider positions.php contains a sensitive SQL call that can be execute...