CVE-2023-46351

Published: 2024-01-19T14:15Z

Last Modified: 2024-11-21T08:28Z

Source: MITRE CVE List

License: MITRE-CVE-TOS

In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. > MITRE Terms of Use apply – see LICENSE‑MITRE.txt