Vulnerability Description
SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Smplredirectionsmanager Project | Smplredirectionsmanager | < 1.1.19 |
Related Weaknesses (CWE)
References
- https://friends-of-presta.github.io/security-advisories/modules/2023/01/17/smplrExploitPatchThird Party Advisory
- https://friends-of-presta.github.io/security-advisories/modules/2023/01/17/smplrExploitPatchThird Party Advisory
FAQ
What is CVE-2023-26864?
CVE-2023-26864 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection vulnerability found in PrestaShop smplredirectionsmanager v.1.1.19 and before allow a remote attacker to gain privileges via the SmplTools::getMatchingRedirectionsFromPartscomponent.
How severe is CVE-2023-26864?
CVE-2023-26864 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2023-26864?
Check the references section above for vendor advisories and patch information. Affected products include: Smplredirectionsmanager Project Smplredirectionsmanager.