CVE-2023-46914 Information

Description

SQL Injection vulnerability in RM bookingcalendar module for PrestaShop versions 2.7.9 and before allows remote attackers to execute arbitrary code escalate privileges and obtain sensitive information via ics_export.php.

Reference

https://security.friendsofpresta.org/modules/2024/02/06/bookingcalendar.html