Filtered by vendor Sunnytoo Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2023-46348 1 Sunnytoo 1 Sturls 2024-11-21 9.8 Critical
SQL njection vulnerability in SunnyToo sturls before version 1.1.13, allows attackers to escalate privileges and obtain sensitive information via StUrls::hookActionDispatcher and StUrls::getInstanceId methods.
CVE-2023-43985 1 Sunnytoo 1 Stblogsearch 2024-11-21 9.8 Critical
SunnyToo stblogsearch up to v1.0.0 was discovered to contain a SQL injection vulnerability via the StBlogSearchClass::prepareSearch component.