First published: Wed Nov 15 2023(Updated: )
MyPrestaModules ordersexport before v5.0 was discovered to contain multiple SQL injection vulnerabilities at send.php via the key and save_setting parameters.
|Affected Software||Affected Version||How to fix|
|Myprestamodules Orders \(csv\, Excel\) Export||<5.0|
The CVE ID of this vulnerability is CVE-2023-40923.
The severity of CVE-2023-40923 is high.
The affected software of CVE-2023-40923 is MyPrestaModules ordersexport before v5.0.
The vulnerability was discovered at send.php via the key and save_setting parameters.
Yes, a fix is available for CVE-2023-40923. It is recommended to update to version 5.0 or later of MyPrestaModules ordersexport.