In the module "Chronopost Official" (chronopost) for PrestaShop, a guest can perform SQL injection. The script PHP `cancelSkybill.php` own a sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.
Metrics
Affected Vendors & Products
References
History
No history.

Status: PUBLISHED
Assigner: mitre
Published: 2023-11-22T00:00:00
Updated: 2024-08-02T20:21:16.618Z
Reserved: 2023-10-09T00:00:00
Link: CVE-2023-45377

No data.

Status : Modified
Published: 2023-11-22T17:15:22.083
Modified: 2024-11-21T08:26:51.197
Link: CVE-2023-45377

No data.