Blind SQL Injection Vulnerability in PrestaShow Google Integrator: Data Extraction and Modification via Cookie Command Insertion

CVE-2023-6921 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N

Blind SQL Injection vulnerability in PrestaShow Google Integrator (PrestaShop addon) allows for data extraction and modification. This attack is possible via command insertion in one of the cookies.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.