Vulnerabilities > Myprestamodules > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-11-27 CVE-2023-46349 SQL Injection vulnerability in Myprestamodules Updateproducts 3.7.6
In the module "Product Catalog (CSV, Excel) Export/Update" (updateproducts) < 3.8.5 from MyPrestaModules for PrestaShop, a guest can perform SQL injection.
network
low complexity
myprestamodules CWE-89
critical
 9.8
9.8
2023-11-22 CVE-2023-46357 SQL Injection vulnerability in Myprestamodules Cross Selling in Modal Cart
In the module "Cross Selling in Modal Cart" (motivationsale) < 3.5.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection.
network
low complexity
myprestamodules CWE-89
critical
 9.8
9.8
2023-11-17 CVE-2023-45387 SQL Injection vulnerability in Myprestamodules Exportproducts 4.1.1/5.0.0
In the module "Product Catalog (CSV, Excel, XML) Export PRO" (exportproducts) in versions up to 5.0.0 from MyPrestaModules for PrestaShop, a guest can perform SQL injection via `exportProduct::_addDataToDb().`
network
low complexity
myprestamodules CWE-89
critical
 9.8
9.8
2023-03-31 CVE-2023-26858 SQL Injection vulnerability in Myprestamodules Frequently Asked Questions Page 3.1.6
SQL injection vulnerability found in PrestaSHp faqs v.3.1.6 allows a remote attacker to escalate privileges via the faqsBudgetModuleFrontController::displayAjaxGenerateBudget component.
network
low complexity
myprestamodules CWE-89
critical
 9.8
9.8