Skip to main content

Kerawen

1 CVEs product

Monthly

CVE-2023-40922 CRITICAL PATCH Act Now

kerawen before v2.5.1 was discovered to contain a SQL injection vulnerability via the ocs_id_cart parameter at KerawenDeliveryModuleFrontController::initContent(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Kerawen
NVD
CVSS 3.1
9.8
EPSS
0.5%
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

kerawen before v2.5.1 was discovered to contain a SQL injection vulnerability via the ocs_id_cart parameter at KerawenDeliveryModuleFrontController::initContent(). Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

SQLi Kerawen
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy