1 results (0.007 seconds)
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 0CVE-2023-46914
https://notcve.org/view.php?id=CVE-2023-46914
SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before, allows remote attackers to execute arbitrary code, escalate privileges, and obtain sensitive information via ics_export.php. Vulnerabilidad de inyección SQL en el módulo RM bookingcalendar para PrestaShop versiones 2.7.9 y anteriores, permite a atacantes remotos ejecutar código arbitrario, escalar privilegios y obtener información confidencial a través de ics_export.php. • https://security.friendsofpresta.org/modules/2024/02/06/bookingcalendar.html • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •