{"uuid": "8f2799f1-c4d7-4216-b87a-b089c9cb6df2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2023-46351", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/19036", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2023-46351\n\ud83d\udd25 CVSS Score: N/A\n\ud83d\udd39 Description: In the module mib < 1.6.1 from MyPresta.eu for PrestaShop, a guest can perform SQL injection. The methods `mib::getManufacturersByCategory()` has sensitive SQL calls that can be executed with a trivial http call and exploited to forge a SQL injection.\n\ud83d\udccf Published: 2024-01-19T00:00:00.000Z\n\ud83d\udccf Modified: 2025-06-20T18:19:05.628Z\n\ud83d\udd17 References:\n1. https://mypresta.eu/modules/front-office-features/manufacturers-brands-images-block.html\n2. https://security.friendsofpresta.org/modules/2024/01/18/mib.html", "creation_timestamp": "2025-06-20T18:42:32.000000Z"}