exploitDog

GHSA-94h8-58cc-qx4x

Опубликовано: 04 окт. 2023

Источник: github

Github: Не прошло ревью

CVSS3: 9.8

Описание

Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

Ссылки

EPSS

Процентиль: 20%

0.00066

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89

Связанные уязвимости

CVE-2023-39651

CVSS3: 9.8

nvd

больше 2 лет назад

Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module “Theme Volty CMS BrandList” (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

EPSS

Процентиль: 20%

0.00066

Низкий

9.8 Critical

CVSS3

CVE ID

Дефекты

CWE-89