Improper neutralization of SQL parameter in Theme Volty CMS Category Slider module for PrestaShop. In the module “Theme Volty CMS Category Slider” (tvcmscategoryslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.
References
Link | Resource |
---|---|
https://security.friendsofpresta.org/modules/2023/09/26/tvcmscategoryslider.html | Patch Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2023-10-03T00:00:00
Updated: 2023-10-03T21:13:47.950689
Reserved: 2023-08-07T00:00:00
Link: CVE-2023-39649
JSON object: View
NVD Information
Status : Analyzed
Published: 2023-10-03T22:15:10.367
Modified: 2023-10-05T15:17:55.947
Link: CVE-2023-39649
JSON object: View
Redhat Information
No data.
CWE