CVE-2022-40839

A SQL injection vulnerability in the height and width parameter in NdkAdvancedCustomizationFields v3.5.0 allows unauthenticated attackers to exfiltrate database data.
References
Link Resource
http://ndk.com Broken Link Product
https://github.com/daaaalllii/cve-s/blob/main/CVE-2022-40839/poc.txt Exploit Third Party Advisory
http://ndkadvancedcustomizationfields.com Broken Link Product
Configurations

Configuration 1

cpe:2.3:a:ndk-design:ndkadvancedcustomizationfields:3.5.0:*:*:*:*:prestashop:*:*

Information

Published : 2022-11-01 05:15

Updated : 2022-11-03 02:53


NVD link : CVE-2022-40839

Mitre link : CVE-2022-40839

Products Affected
No products.
CWE