2 matches found
CVE-2023-39650
The CVE-2023-39650 entry corresponds to a SQL injection in the PrestaShop Theme Volty CMS Blog module (tvcmsblog) up to version 4.0.1, exploitable via the id parameter at /tvcmsblog/single. The nuclei template confirms the vulnerability in tvcmsblog up to 4.0.1 and describes impact as arbitrary S...
CVE-2023-27846
CVE-2023-27846 affects PrestaShop themevolty module up to v4.0.8 and earlier. The vulnerability is described as SQL injection in multiple tvcms* components (tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymentic...