Secure peace of mind with Cyber Legion—Your Trusted Cybersecurity Partner.

Speak With a Security Expert

Elevate your cybersecurity posture with our expert and strategic security solutions

Experience the assurance of CREST Certified Penetration Testing services


In the module “CSV Feeds PRO” (csvfeeds) before 2.6.1 from Bl Modules for PrestaShop, a guest can perform SQL injection. The method `SearchApiCsv::getProducts()` has sensitive SQL call that can be executed with a trivial http call and exploited to forge a SQL injection. (CVSS:9.8) (EPSS:0.08%) (Last Update:2023-11-08 03:07:10)   Latest security vulnerabilities (SQL Injection) (CVSS score >= 4) – Deprecated! See channel description 



More To Explore