Improper neutralization of SQL parameter in Theme Volty CMS Category Product module for PrestaShop. In the module “Theme Volty CMS Category Product” (tvcmscategoryproduct) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
References
Link | Resource |
---|---|
https://security.friendsofpresta.org/modules/2023/09/26/tvcmscategoryproduct.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-03T00:00:00
Updated: 2023-10-03T22:04:15.189772
Reserved: 2023-08-07T00:00:00
Link: CVE-2023-39647
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-03T23:15:09.380
Modified: 2023-10-05T15:19:55.307
Link: CVE-2023-39647
JSON object: View
Redhat Information
No data.
CWE