Vulnerability CVE-2023-45376
Published: 2023-10-19

Description:
In the module "Carousels Pack - Instagram, Products, Brands, Supplier" (hicarouselspack) for PrestaShop up to version 1.5.0 from HiPresta for PrestaShop, a guest can perform SQL injection via HiCpProductGetter::getViewedProduct().`

 References:
https://addons.prestashop.com/en/sliders-galleries/20410-carousels-pack-instagram-products-brands-supplier.html
https://security.friendsofpresta.org/modules/2023/10/19/hicarouselspack.html
Copyright 2026, cxsecurity.com

 

Back to Top