Vulnerabilities > Snegurka > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-10-25 CVE-2023-46358 SQL Injection vulnerability in Snegurka Referralbyphone
In the module "Referral and Affiliation Program" (referralbyphone) version 3.5.1 and before from Snegurka for PrestaShop, a guest can perform SQL injection.
network
low complexity
snegurka CWE-89
critical
9.8