CVE-2023-30149

CVE-2023-30149

SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or prior to 2.0.3 (for PrestaShop version 1.7), allows remote attackers to execute arbitrary SQL commands via the type, input_name. or q parameter in the autocompletion.php front controller.

Source: CVE-2023-30149

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다