Skip to main content

Brevo

1 CVEs product

Monthly

CVE-2023-26859 CRITICAL PATCH Act Now

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Brevo
NVD
CVSS 3.1
9.8
EPSS
0.6%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

SQL injection vulnerability found in PrestaShop sendinblue v.4.0.15 and before allow a remote attacker to gain privileges via the ajaxOrderTracking.php component. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

PHP SQLi Brevo
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy