23 matches found
EUVD-2023-48344
Malicious code in bioql PyPI...
CVE-2024-28388
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...
CVE-2023-46348
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods...
CVE-2023-43985
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component...
CVE-2024-28388
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...
CVE-2024-28388
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...
Sql injection
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...
CVE-2024-28388
SQL injection vulnerability in SunnyToo stproductcomments module for PrestaShop v.1.0.5 and before, allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method...
CVE-2024-28388
The CVE-2024-28388 vulnerability affects SunnyToo stproductcomments module for PrestaShop up to version 1.0.5 and earlier, due to a SQL injection in StProductCommentClass::getListcomments. The issue can allow a remote attacker to escalate privileges and exfiltrate sensitive information, with CVSS...
PT-2024-22407 · Unknown · Sunnytoo Stproductcomments +1
Name of the Vulnerable Software and Affected Versions: SunnyToo stproductcomments module for PrestaShop versions 1.0.5 and earlier Description: The issue allows a remote attacker to escalate privileges and obtain sensitive information via the StProductCommentClass::getListcomments method. This is...
CVE-2023-43985
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component...
Sql injection
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component...
CVE-2023-43985
The CVE-2023-43985 issue affects SunnyToo Stblogsearch for PrestaShop, with the vulnerability located in the StBlogSearchClass::prepareSearch component. Affects versions up to 1.0.0; CVSS base score 9.8 (CRITICAL) with network attack vector, no user interaction, and high impact on confidentiality...
CVE-2023-43985
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component...
CVE-2023-43985
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component...
PT-2024-13152 · Sunnytoo · Stblogsearch
Name of the Vulnerable Software and Affected Versions: SunnyToo stblogsearch versions up to 1.0.0 Description: The issue is related to a SQL injection vulnerability. It affects the StBlogSearchClass::prepareSearch component, allowing for potential exploitation. No information is provided about th...
CVE-2023-46348
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods...
CVE-2023-46348
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods...
CVE-2023-46348
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods...
Sql injection
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods...