Improper neutralization of SQL parameter in Theme Volty CMS Category Chain Slider module for PrestaShop. In the module “Theme Volty CMS Category Chain Slide"(tvcmscategorychainslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
References
Link | Resource |
---|---|
https://security.friendsofpresta.org/modules/2023/09/26/tvcmscategorychainslider.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-03T00:00:00
Updated: 2023-10-03T21:55:48.068758
Reserved: 2023-08-07T00:00:00
Link: CVE-2023-39646
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-03T22:15:10.263
Modified: 2023-10-05T15:17:38.827
Link: CVE-2023-39646
JSON object: View
Redhat Information
No data.
CWE