Unrated severityNVD Advisory· Published Dec 28, 2023· Updated Sep 12, 2024

CVE-2023-46989

Description

SQL Injection vulnerability in the Innovadeluxe Quick Order module for PrestaShop before v.1.4.0, allows local attackers to execute arbitrary code via the getProducts() function in the productlist.php file.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

Innovadeluxe/Quick Order moduledescription
InnovaDeluxe/Quick Order modulellm-create
Range: <1.4.0

Patches

Vulnerability mechanics

References

security.friendsofpresta.org/modules/2023/12/12/idxquickorder.htmlmitre

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000