CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ebewe: >> City Autocomplete Security Vulnerabilities

CVE-2023-30149

SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or prior to 2.0.3 (for PrestaShop version 1.7), allows remote attackers to execute arbitrary SQL commands via the type, input_name. or q parameter in the autocompletion.php front controller.

CVSS Score

9.8

EPSS Score

0.106

Published

2023-06-02

Page 1

Vulnerabilities

Vulnerable Software

Ebewe: >> City Autocomplete Security Vulnerabilities

Products

Pricing

Contact Us