Secure peace of mind with Cyber Legion—Your Trusted Cybersecurity Partner.

Speak With a Security Expert

Elevate your cybersecurity posture with our expert and strategic security solutions

Experience the assurance of CREST Certified Penetration Testing services


In the module “Referral and Affiliation Program” (referralbyphone) version 3.5.1 and before from Snegurka for PrestaShop, a guest can perform SQL injection. Method `ReferralByPhoneDefaultModuleFrontController::ajaxProcessCartRuleValidate` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection. (CVSS:9.8) (EPSS:0.08%) (Last Update:2023-11-01 18:34:30)   Latest security vulnerabilities (SQL Injection) (CVSS score >= 4) – Deprecated! See channel description 



More To Explore