exploitDog

CVE-2023-39639

Опубликовано: 15 сент. 2023

Источник: nvd

CVSS3: 9.8

EPSS Низкий

Описание

LeoTheme leoblog up to v3.1.2 was discovered to contain a SQL injection vulnerability via the component LeoBlogBlog::getListBlogs.

Ссылки

https://addons.prestashop.com/fr/2_community-developer?contributor=190902&id_category=3
Product
https://security.friendsofpresta.org/modules/2023/08/31/leoblog.html
Exploit
Patch
Third Party Advisory
https://addons.prestashop.com/fr/2_community-developer?contributor=190902&id_category=3
Product
https://security.friendsofpresta.org/modules/2023/08/31/leoblog.html
Exploit
Patch
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:leotheme:leoblog:*:*:*:*:*:prestashop:*:*

Версия до 3.1.2 (включая)

EPSS

Процентиль: 36%

0.0015

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89

Связанные уязвимости

GHSA-85h5-2vpm-q2g3

CVSS3: 9.8

github

больше 2 лет назад

LeoTheme leoblog up to v3.1.2 was discovered to contain a SQL injection vulnerability via the component LeoBlogBlog::getListBlogs.

EPSS

Процентиль: 36%

0.0015

Низкий

9.8 Critical

CVSS3

Дефекты

CWE-89