CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2023-40922

kerawen before v2.5.1 was discovered to contain a SQL injection vulnerability via the ocs_id_cart parameter at KerawenDeliveryModuleFrontController::initContent().

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 20.9%

CVSS Severity

CVSS v3 Score 9.8

References

https://security.friendsofpresta.org/modules/2023/11/02/kerawen.html
https://security.friendsofpresta.org/modules/2023/11/02/kerawen.html

Products affected by CVE-2023-40922

Kerawen » Kerawen » Version: Any

cpe:2.3:a:kerawen:kerawen:*

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-40922

Products

Pricing

Contact Us