Vulnerabilities > Prestashop > EO Tags > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-03-21 CVE-2023-27570 SQL Injection vulnerability in Prestashop EO Tags
The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.
network
low complexity
prestashop CWE-89
critical
 9.8
9.8
2023-03-21 CVE-2023-27569 SQL Injection vulnerability in Prestashop EO Tags
The eo_tags package before 1.3.0 for PrestaShop allows SQL injection via an HTTP User-Agent or Referer header.
network
low complexity
prestashop CWE-89
critical
 9.8
9.8