Unrated severityNVD Advisory· Published Jun 2, 2023· Updated Jan 31, 2025
CVE-2023-30149
CVE-2023-30149
Description
SQL injection vulnerability in the City Autocomplete (cityautocomplete) module from ebewe.net for PrestaShop, prior to version 1.8.12 (for PrestaShop version 1.5/1.6) or prior to 2.0.3 (for PrestaShop version 1.7), allows remote attackers to execute arbitrary SQL commands via the type, input_name. or q parameter in the autocompletion.php front controller.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- ebewe.net/cityautocompletedescription
- Range: <1.8.12 / <2.0.3
Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.