CVE-2023-46348 | SunnyToo sturls up to 1.1.12 on PrestaShop getInstanceId sql injection

Posted by Angelo Barbosa | Dec 14, 2023 | CVE

A vulnerability classified as critical has been found in SunnyToo sturls up to 1.1.12 on PrestaShop. This affects the function StUrls::hookActionDispatcher/StUrls::getInstanceId. The manipulation leads to sql injection.

This vulnerability is uniquely identified as CVE-2023-46348. The attack needs to be done within the local network. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2023-46348 | SunnyToo sturls up to 1.1.12 on PrestaShop getInstanceId sql injection

Related Posts

CVE-2024-6545 | Admin Trim Interface Plugin up to 3.5.1 on WordPress information disclosure

CVE-2023-48336 | cybernetikz Easy Social Icons Plugin up to 3.2.4 on WordPress cross site scripting

CVE-2022-48219 | HP Desktop PC HP TamperLock Local Privilege Escalation

CVE-2024-4710 | Uber Menu Plugin up to 3.8.2 on WordPress Shortcode cross site scripting