Home

Description

SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial components.

PUBLISHED Reserved 2023-03-05 | Published 2023-10-31 | Updated 2024-09-05 | Assigner mitre

References

security.friendsofpresta.org/...es/2023/10/25/tvcmsblog.html

cve.org (CVE-2023-27846)

nvd.nist.gov (CVE-2023-27846)

Download JSON