CVE-2023-46356

Secure your products with top-tier expert knowledge and advanced Penetration Testing (CREST Approved)

Let's collaborate to build and maintain secure products

We transform threats into trust by integrating advanced tech and expertise in product security. Our approach encompasses Security by Design, rigorous security assurance and penetration testing, and compliance through expert documentation, from design to post-market.

We offer CREST-approved pen testing in EMEA, upholding top security standards.Cyber Legion - CREST Approved

In the module “CSV Feeds PRO” (csvfeeds) before 2.6.1 from Bl Modules for PrestaShop, a guest can perform SQL injection. The method `SearchApiCsv::getProducts()` has sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. (CVSS:9.8) (EPSS:0.08%) (Last Update:2023-11-08 03:07:10)   Latest security vulnerabilities (SQL Injection) (CVSS score >= 4) – Deprecated! See channel description 

​ 

 

More To Explore