{
  "id": "CVE-2023-27846",
  "sourceIdentifier": "cve@mitre.org",
  "published": "2023-10-31T04:15:11.057",
  "lastModified": "2023-10-31T12:58:31.637",
  "vulnStatus": "Awaiting Analysis",
  "descriptions": [
    {
      "lang": "en",
      "value": "SQL injection vulnerability found in PrestaShop themevolty v.4.0.8 and before allow a remote attacker to gain privileges via the tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial components."
    },
    {
      "lang": "es",
      "value": "Vulnerabilidad de inyecci\u00f3n SQL encontrada en PrestaShop themevolty v.4.0.8 y anteriores, permite a un atacante remoto obtener privilegios a trav\u00e9s de los componentes tvcmsblog, tvcmsvideotab, tvcmswishlist, tvcmsbrandlist, tvcmscategorychainslider, tvcmscategoryproduct, tvcmscategoryslider, tvcmspaymenticon, tvcmstestimonial."
    }
  ],
  "metrics": {},
  "references": [
    {
      "url": "https://security.friendsofpresta.org/modules/2023/10/25/tvcmsblog.html",
      "source": "cve@mitre.org"
    }
  ]
}