CVE-2024-33266
April 29, 2024, 8:15 p.m.
Tags
Product(s) Impacted
Helloshop
- 2.8.1 and before
Description
SQL Injection vulnerability in Helloshop deliveryorderautoupdate v.2.8.1 and before allows an attacker to run arbitrary SQL commands via the DeliveryorderautoupdateOrdersModuleFrontController::initContent function.
Weaknesses
Date
Published: April 29, 2024, 8:15 p.m.
Last Modified: April 29, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://security.friendsofpresta.org/
cve@mitre.org