Filtered by vendor Shoprunners
Subscriptions
Filtered by product Aftermail
Subscriptions
Total
1 CVE
CVE | Vendors | Products | Updated | CVSS v3.1 |
---|---|---|---|---|
CVE-2023-30154 | 1 Shoprunners | 1 Aftermail | 2024-11-21 | 9.8 Critical |
Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta) for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via `id_customer`, `id_conf`, `id_product` and `token` parameters in `aftermailajax.php via the 'id_product' parameter in hooks DisplayRightColumnProduct and DisplayProductButtons. |
Page 1 of 1.