{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-17T15:48:55.568","vulnerabilities":[{"cve":{"id":"CVE-2023-39648","sourceIdentifier":"cve@mitre.org","published":"2023-10-03T22:15:10.323","lastModified":"2024-11-21T08:15:45.390","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial” (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions."},{"lang":"es","value":"Neutralización incorrecta del parámetro SQL en el módulo Theme Volty CMS Testimonial para PrestaShop. En el módulo “Testimonio de Theme Volty CMS” (tvcmstestimonial) hasta la versión 4.0.1 de Theme Volty para PrestaShop, un invitado puede realizar inyección SQL en las versiones afectadas."}],"metrics":{"cvssMetricV31":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.1","vectorString":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H","baseScore":9.8,"baseSeverity":"CRITICAL","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":3.9,"impactScore":5.9}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-89"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:themevolty:theme_volty_cms_testimonial:*:*:*:*:*:prestashop:*:*","versionEndIncluding":"4.0.1","matchCriteriaId":"950F64C2-BD91-4F39-822B-2EB3759CCE66"}]}]}],"references":[{"url":"https://security.friendsofpresta.org/modules/2023/09/26/tvcmstestimonial.html","source":"cve@mitre.org","tags":["Patch","Third Party Advisory"]},{"url":"https://security.friendsofpresta.org/modules/2023/09/26/tvcmstestimonial.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Third Party Advisory"]}]}}]}