CVE-2023-26865

CVSS V2 None CVSS V3 None

Description

SQL injection vulnerability found in PrestaShop bdroppy v.2.2.12 and before allowing a remote attacker to gain privileges via the BdroppyCronModuleFrontController::importProducts component.

Overview

CVE ID
CVE-2023-26865

Assigner
cve@mitre.org

Vulnerability Status
Received

Published Version
2023-04-24T18:15:09

Last Modified Date
2023-04-24T18:15:09

References

Reference URL	Reference Tags
https://bdroppy.com/dropshipping-apps-integrations-bdroppy/
https://friends-of-presta.github.io/security-advisories/modules/2023/04/20/bdroppy.html

Sources

Source Name	Source URL
NIST	https://nvd.nist.gov/vuln/detail/CVE-2023-26865
MITRE	https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-26865

History

Created	Old Value	New Value	Data Type	Notes
2023-04-24 19:01:49				Added to TrackCVE