CVE-2024-33268
April 29, 2024, 8:15 p.m.
Tags
Product(s) Impacted
Digincube mdgiftproduct
- before 1.4.1
Description
SQL Injection vulnerability in Digincube mdgiftproduct before 1.4.1 allows an attacker to run arbitrary SQL commands via the MdGiftRule::addGiftToCart method.
Weaknesses
Date
Published: April 29, 2024, 8:15 p.m.
Last Modified: April 29, 2024, 8:15 p.m.
Status : Received
CVE has been recently published to the CVE List and has been received by the NVD.
More infoSource
cve@mitre.org
References
https://security.friendsofpresta.org/
cve@mitre.org